"Malware installed in a secured workstation, laptop, or embedded device can invoke various network activities that generate electromagnetic emissions from Ethernet cables." "This paper shows that attackers can exploit the Ethernet cables to exfiltrate data from air-gapped networks," the researchers said in the paper. Like other data leakage attacks of this kind, triggering the infection requires the deployment of the malware on the target network via any one of different infection vectors that range from supply chain attacks or contaminated USB drives to social engineering techniques, stolen credentials, or by using malicious insiders.Īs countermeasures, the researchers propose prohibiting the use of radio receivers in and around air-gapped networks and monitoring the network interface card link layer activity for any covert channel, as well as jamming the signals, and using metal shielding to limit electromagnetic fields from interfering with or emanating from the shielded wires. In a proof-of-concept demo, data transmitted from an air-gapped computer through its Ethernet cable was received at a distance of 200 cm apart. The LANtenna attack is no different in that it works by using the malware in the air-gapped workstation to induce the Ethernet cable to generate electromagnetic emissions in the frequency bands of 125 MHz that are then modulated and intercepted by a nearby radio receiver. Guri noted in an accompanying research paper titled "LANTENNA: Exfiltrating Data from Air-Gapped Networks via Ethernet Cables."
STEALING SIGNALS CODE
"Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine," Dr.
The transmitted signals can then be intercepted by a nearby software-defined radio (SDR) receiver wirelessly, the data decoded, and sent to an attacker who is in an adjacent room. Mordechai Guri, the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel, told The Hacker News.ĭubbed " LANtenna Attack," the novel technique enables malicious code in air-gapped computers to amass sensitive data and then encode it over radio waves emanating from Ethernet cables just as if they are antennas. "It's interesting that the wires that came to protect the air-gap become the vulnerability of the air gap in this attack," Dr. A newly discovered data exfiltration mechanism employs Ethernet cables as a "transmitting antenna" to stealthily siphon highly-sensitive data from air-gapped systems, according to the latest research. How about we switch gears and talk about stealing signals Former defensive coordinator for Texas Tech, Matt Wallerstedt, has been accused of giving away defensive signals to other teams.
0 kommentar(er)
