Hacking air gapped networks by using lasers and drones

  • 25 October 2014

by Pierluigi Paganini on October 25th, 2014
 
 

A group of Israeli researchers has demonstrated at the last Black Hat Conference how to hack air gapped networks by using lasers and drones.

A lot of people believe that it is possible to secure a computer by keeping it off; security specialists define a network separated from the Internet, or from any other unsecure network, as an “air gapped network”.
Unfortunately, air gapped networks can also be hacked with different techniques: a threat actor could use a USB to compromise it (i.e. as happened for the Stuxnet infection in the Iranian nuclear facility of Natanz) or, as revealed by Edward Snowden, using radar waves and sophisticated equipment.
 

1 reply

The following article is an update:

Air gaps: happy gas for infosec happy gas or a noble but inert idea?

11 Feb 2015 at 06:03, Darren Pauli
 
FEATURE Last year Michael Sikorski of FireEye was sent a very unusual piece of malware.
The custom code had jumped an air gap at a defence client and infected what should have been a highly-secure computer. Sikorski's colleagues from an unnamed company plucked the malware and sent it off to FireEye's FLARE team for analysis.
 "This malware got its remote commands from removable devices," Sikorski said. "It actually searched for a specific formatted and hidden file that was encrypted, and would then decrypt it to access a series of commands that told it what to do next."
External network links are the lifeblood of most malware. This sample provided the means for malcode to be implanted on victim machines and served as the command and control link over which stolen data could be shipped off to attackers, allowing additional and further infections.
Sikorski's unnamed malware used employees to spread to other machines and distribute commands. Attackers hacked internet-enabled computers they knew staff with access to the air-gap machine would use and turned any external storage device into a digital bridge.
 