2 min read

Air-gapped Systems’ SATA Cables Can Leak Data as Wi-Fi Antennas, Researcher Finds

Vlad CONSTANTINESCU

July 20, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Air-gapped Systems’ SATA Cables Can Leak Data as Wi-Fi Antennas, Researcher Finds

A security researcher discovered that air-gapped systems could leak data through their serial ATA (SATA) cables by using them as wireless antennas. Attackers could, in theory, extract the data through radio signals.

The discovery, dubbed “SATAn” by the head of R&D of The Cyber Security Research Labs at Israel’s Ben-Gurion University, Mordechai Guri, could help threat actors steal sensitive information from air-gapped systems.

Air-gapping, also known as air-walling, is a security measure that involves physically isolating specific devices from unsecured networks such as unsecured LANs or the public Internet. Air-gapped systems are often used in sectors where confidentiality is key, such as nuclear, industrial, military or government organizations.

Guri’s discovery highlights that ordinary SATA 3.0 cables emit electromagnetic emissions of various frequencies, but the 5.9995 – 5.9996 GHz range is most relevant to the data transmission study.

To carry out a SATAn attack, perpetrators must first infect the targeted air-gapped system. Although challenging, physical breaches are not unheard of; Stuxnet, the most notorious, was discovered over a decade ago, in mid-June 2010.

After compromising the targeted system, the embedded malware can be used to modulate and encode sensitive data before exfiltrating it.

While performing read/write operations, the SATA interface emits specific radio signals that can be picked up by the malware and used to reveal the content of the stolen data. Guri demonstrated the concept by exfiltrating the word “SECRET” from an air-gapped system to a nearby PC.

The research also revealed that the distance between the air-gapped system and the receiving PC can’t be greater than 1.2 meters (3.9 feet) without compromising the integrity of the content.

Guri’s proposed method to counter SATAn attacks involves using a SATA jammer to monitor suspicious read/write operations and add noise to obfuscate the signal. However, there are a couple of drawbacks: first and foremost, jamming the electromagnetic emission would put excessive strain on the disk.

Furthermore, telling apart malicious and legitimate read/write operations could be a challenging task and would further increase the load on the system.

tags


Author



Right now

Top posts

What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read
Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

Curious about Omegle? Here’s how the roulette-style chat platform can threaten your online privacy and security

July 07, 2022

5 min read
Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

Identifying and Dealing with Online Bullying Is Not Impossible - School Presentation Inside

June 28, 2022

2 min read
Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

Let’s Celebrate World Social Media Day by Improving Your Privacy and Security Online

June 28, 2022

3 min read
Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

Bitdefender Reveals the Top Cyber Threats Faced by Consumers in 2021

June 22, 2022

1 min read
Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

Scam alert: Cybercrooks use shady investment domain to scam keen investors out of money and data

May 24, 2022

3 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

UK Drinking Water Supplier Hit with Clop Ransomware UK Drinking Water Supplier Hit with Clop Ransomware
Filip TRUȚĂ

August 17, 2022

2 min read
RubyGems Enforces Mandatory Multi-Factor Authentication for Popular Projects RubyGems Enforces Mandatory Multi-Factor Authentication for Popular Projects
Vlad CONSTANTINESCU

August 17, 2022

1 min read
Google Fined AUD 60 Million over Misleading Data Collection Claims Google Fined AUD 60 Million over Misleading Data Collection Claims
Filip TRUȚĂ

August 16, 2022

2 min read