According to the reports, 250 million records with personal information such as emails, IP addresses, and other details, were exposed. For example, In 2020, Microsoft disclosed a data breach event that occurred due to misconfigured security rules. Many massive data leakage incidents have been reported in the last decade. This is usually done in the form of covert communication channels within Internet protocols such as HTTPS, FTP, SMTP, and so on. After reaching the data, the attackers exfiltrate the information outside the boundaries of the organization. Accordingly, adversaries spend a lot of resources and efforts to put their hands on the target information, usually documents and databases.
Information is the most valuable asset of modern organizations. Our experiments show that with the LANTENNA attack, data can be exfiltrated from air-gapped computers to a distance of several meters away. We evaluate the covert channel in different scenarios and present a set of countermeasures.
AIR GAPPED LAPTOPS CODE
Notably, the malicious code can run in an ordinary user-mode process and successfully operate from within a virtual machine. We discuss the exfiltration techniques, examine the covert channel characteristics, and provide implementation details. A nearby receiving device can intercept the signals wirelessly, decode the data, and send it to the attacker. Malicious code in air-gapped computers gathers sensitive data and then encodes it over radio waves emanating from the Ethernet cables, using them as antennas. In this paper we present LANTENNA - a new type of electromagnetic attack allowing adversaries to leak sensitive data from isolated, air-gapped networks.
Air-gapped networks are wired with Ethernet cables since wireless connections are strictly prohibited.
0 kommentar(er)
