In networking, an air gap refers to a security measure that separates a network from the public infrastructure, either physically or through the use of extremely secure tunnelling. This prevents access to that network over the internet or less secure LANs and is used in high security locations as it is generally considered one of the best ways of securing a network. As with all things silicon, it is not perfect and this article at The Register should not be read by the faint of heart. They describe several methods which have been developed to overcome air gaps, thankfully most require that the attacker had been able to gain physical access to the air gapped systems to infect them from within and as you have heard many times, once an attacker can gain physical access to your systems all bets are off.
What is interesting is the ways in which the infected systems transmit the stolen data without the need for physical contact and are incredibly difficult to detect. Some are able to use the FM frequencies generated by GPUs to send data to cellphones up to 7m away while another uses the pixels to transmit hidden data in a way that is invisible to the user of the machine. Other attacks involve spreading infection via microphones and speakers or a thumbdrive which was attached to an air gapped machine which could transmit data over a radio frequency up to 13 kilometres away. It is a wild world out there and even though many of the attacks described have only been done in research labs; don't let strangers fondle your equipment without consent!
"The custom code had jumped an air gap at a defence client and infected what should have been a highly-secure computer. Sikorski's colleagues from an unnamed company plucked the malware and sent it off to FireEye's FLARE team for analysis."
Here is some more Tech News from around the web:
- Storage firms drop 'A bombs' on the backup biz @ The Register
- BitTorrent Announces Exclusive TV Shows @ Slashdot
- Chip giant TSMC, flush with record sales, plans $16bn fab build-out @ The Register
- Ofcom paves way for IoT network with white space approval @ The Inquirer
So much for the hundreds of
So much for the hundreds of geniuses that claimed Dragus Rius was wrong….
Cough BADbios cough