SATAn a new way to exfiltrate data from Air-Gap systems

Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions
Author Message
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Tue Jul 19, 2022 15:52    Post subject: SATAn a new way to exfiltrate data from Air-Gap systems Reply with quote
https://thehackernews.com/2022/07/new-air-gap-attack-uses-sata-cable-as.html

Brought to you by the poynting vector.

Neat uh?

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
Sponsor
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Thu Jul 21, 2022 22:02    Post subject: Reply with quote
The Poynting vector! I detect an EE or physics background. Very Happy

And the technique is interesting in the abstract I guess, as in exploring it would make a cool master's thesis or, at a deeper level, a PhD dissertation. But it's not a realistic concern for anyone not a target of a very clever and determined government. After all, before the bad guy can exfiltrate data from the air-gapped system, he has to first get his malware onto the air-gapped system! And how many of us get anywhere near air-gapped systems anyway? Esp outside of a secure environment where only highly cleared people are allowed!

_________________
2x Netgear XR500 and 3x Linksys WRT1900ACSv2 on 53544: VLANs, VAPs, NAS, station mode, OpenVPN client (AirVPN), wireguard server (AirVPN port forward) and clients (AzireVPN, AirVPN, private), 3 DNSCrypt providers via VPN.
the-joker
DD-WRT Developer/Maintainer


Joined: 31 Jul 2021
Posts: 2146
Location: All over YOUR webs

PostPosted: Fri Jul 22, 2022 0:22    Post subject: Reply with quote
Sure, this was research only and proof of concept.

Similar to SATAn there is the LANtenna Attack, then there's the POWER-SUPPLaY Then there's BitWhisper and the list goes on and on and on.

All rather interesting research, the practicality of real world scenarios dont factor into these conversations, I just enjoy reading these tidbits daily just to see what the cool kids come up with next.

Real tech security is have none, and go live under a rock.

_________________
Saving your retinas from the burn!🔥
DD-WRT Inspired themes for routers
DD-WRT Inspired themes for the phpBB Forum
DD-WRT Inspired themes for the SVN Trac & FTP site
Join in for a chat @ #style_it_themes_public:matrix.org or #style_it_themes:discord

DD-WRT UI Themes Bug Reporting and Discussion thread

Router: ANus RT-AC68U E1 (recognized as C1)
SurprisedItWorks
DD-WRT Guru


Joined: 04 Aug 2018
Posts: 1446
Location: Appalachian mountains, USA

PostPosted: Fri Jul 22, 2022 16:54    Post subject: Reply with quote
Completely agree, it IS cool stuff!

And yes, perfect security requires a BIG rock. Or maybe a big one to live under and a medium-sized one to throw. So we practical types (some would deny my claim to that label) just try to make targeting us a big enough pain that automated systems for mass attack (or mass surveillance, for VPN fans) will simply miss us. Very few of us will ever be specific targets, and anyone in that category has bigger issues than IT security.
Gameman Advanced Kid
DD-WRT Guru


Joined: 18 Nov 2012
Posts: 1158

PostPosted: Sat Jul 23, 2022 2:14    Post subject: Reply with quote
So I listened to someone else on you tube tell me about it here

>>> https://www.youtube.com/watch?v=ILa3d87Wc7Q

And it got me thinking, what if we just used all shielded cables?

I specifically use a WRT32x not because of its neat specs, But its also got shielded ethernet ports.

So the cable is completely shielded all the way from my computer to the router. And if your concerned about which motherboard I am using, Crosshair VIII.

Did not read about lantenna, but I am sure that shielded ethernet cables would be the way to go to mitigate it.

Anyway back on track, I do not think that this would be effective, but mostly on rare occasions when the attacker is very close to the computer.

I did a quick, and the keyword here is "quick", google search for shielded sata cables, but found mostly esata to sata cables.

_________________
For people who are new to the dd-wrt forums >> http://www.catb.org/~esr/faqs/smart-questions.html#rtfm

barryware wrote:
It takes a "community" to raise a router..


Internet Connection 1
Some Techicolor modem > Linksys WRT3200ACM

Internet connection 2
Ubiquiti Powerbeam Gen 2 > Netgear R9000

Official (but not really) dd-wrt General Discussion element/matrix chat

https://matrix.to/#/#dd-wrt-private-non-offical:matrix.org
dale_gribble39
DD-WRT Guru


Joined: 11 Jun 2022
Posts: 1899

PostPosted: Sat Jul 23, 2022 2:43    Post subject: Reply with quote
Lead-shielded cases. <chuckles>
_________________
"The woods are lovely, dark and deep,
But I have promises to keep,
And miles to go before I sleep,
And miles to go before I sleep." - Robert Frost

"I am one of the noticeable ones - notice me" - Dale Frances McKenzie Bozzio

<fact>code knows no gender</fact>

This is me, knowing I've ruffled your feathers, and not giving a ****
Some people are still hard-headed.

--------------------------------------
Mac Pro (Mid 2012) - Two 2.4GHz 6-Core Intel Xeon E5645 processors 64GB 1333MHz DDR3 ECC SDRAM OpenSUSE Leap 15.5
Display posts from previous:    Page 1 of 1
Post new topic   Reply to topic    DD-WRT Forum Index -> General Questions All times are GMT

Navigation

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum