#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Air-Gapped Networks | Breaking Cybersecurity News | The Hacker News

New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data

New Air-Gap Attack Uses MEMS Gyroscope Ultrasonic Covert Channel to Leak Data
Aug 23, 2022
A novel data exfiltration technique has been found to leverage a covert ultrasonic channel to leak sensitive information from isolated, air-gapped computers to a nearby smartphone that doesn't even require a microphone to pick up the sound waves. Dubbed  GAIROSCOPE , the adversarial model is the latest addition to a long list of  acoustic, electromagnetic, optical, and thermal approaches  devised by Dr. Mordechai Guri , the head of R&D in the Cyber Security Research Center in the Ben Gurion University of the Negev in Israel. "Our malware generates ultrasonic tones in the resonance frequencies of the  MEMS gyroscope ," Dr. Guri said in a  new paper  published this week. "These inaudible frequencies produce tiny mechanical oscillations within the smartphone's gyroscope, which can be demodulated into binary information." Air-gapping is seen as an  essential security countermeasure  that involves isolating a computer or network and preventing it from es

Researcher Spots New Malware Claimed to be 'Tailored for Air‑Gapped Networks'

Researcher Spots New Malware Claimed to be 'Tailored for Air‑Gapped Networks'
May 13, 2020
A cybersecurity researcher at ESET today published an analysis of a new piece of malware, a sample of which they spotted on the Virustotal malware scanning engine and believe the hacker behind it is likely interested in some high-value computers protected behind air‑gapped networks. Dubbed ' Ramsay ,' the malware is still under development with two more variants (v2.a and v2.b) spotted in the wild and doesn't yet appear to be a complex attacking framework based upon the details researcher shared. However, before reading anything further, it's important to note that the malware itself doesn't leverage any extraordinary or advanced technique that could let attackers jump air-gapped networks to infiltrate or exfiltrate data from the targeted computers. According to ESET researcher Ignacio Sanmillan, Ramsay infiltrates targeted computers through malicious documents, potentially sent via a spear-phishing email or dropped using a USB drive, and then exploits an ol

SaaS Compliance through the NIST Cybersecurity Framework

SaaS Compliance through the NIST Cybersecurity Framework
Feb 20, 2024Cybersecurity Framework / SaaS Security
The US National Institute of Standards and Technology (NIST) cybersecurity framework is one of the world's most important guidelines for securing networks. It can be applied to any number of applications, including SaaS.  One of the challenges facing those tasked with securing SaaS applications is the different settings found in each application. It makes it difficult to develop a configuration policy that will apply to an HR app that manages employees, a marketing app that manages content, and an R&D app that manages software versions, all while aligning with NIST compliance standards.  However, there are several settings that can be applied to nearly every app in the SaaS stack. In this article, we'll explore some universal configurations, explain why they are important, and guide you in setting them in a way that improves your SaaS apps' security posture.  Start with Admins Role-based access control (RBAC) is a key to NIST adherence and should be applied to every SaaS a

New Malware Jumps Air-Gapped Devices by Turning Power-Supplies into Speakers

New Malware Jumps Air-Gapped Devices by Turning Power-Supplies into Speakers
May 04, 2020
Cybersecurity researcher Mordechai Guri from Israel's Ben Gurion University of the Negev recently demonstrated a new kind of malware that could be used to covertly steal highly sensitive data from air-gapped and audio-gapped systems using a novel acoustic quirk in power supply units that come with modern computing devices. Dubbed ' POWER-SUPPLaY ,' the latest research builds on a series of techniques leveraging electromagnetic, acoustic, thermal, optical covert channels, and even power cables to exfiltrate data from non-networked computers. "Our developed malware can exploit the computer power supply unit (PSU) to play sounds and use it as an out-of-band, secondary speaker with limited capabilities," Dr. Guri outlined in a paper published today and shared with The Hacker News. "The malicious code manipulates the internal switching frequency of the power supply and hence controls the sound waveforms generated from its capacitors and transformers.&q

Are You Vulnerable to Third-Party Breaches Through Interconnected SaaS Apps?

cyber security
websiteWing SecuritySaaS Security / Risk Management
Protect against cascading risks by identifying and mitigating app2app and third-party SaaS vulnerabilities.

Exfiltrating Data from Air-Gapped Computers Using Screen Brightness

Exfiltrating Data from Air-Gapped Computers Using Screen Brightness
Feb 05, 2020
It may sound creepy and unreal, but hackers can also exfiltrate sensitive data from your computer by simply changing the brightness of the screen, new cybersecurity research shared with The Hacker News revealed. In recent years, several cybersecurity researchers demonstrated innovative ways to covertly exfiltrate data from a physically isolated air-gapped computer that can't connect wirelessly or physically with other computers or network devices. These clever ideas rely on exploiting little-noticed emissions of a computer's components, such as light, sound , heat , radio frequencies , or ultrasonic waves , and even using the current fluctuations in the power lines. For instance, potential attackers could sabotage supply chains to infect an air-gapped computer, but they can't always count on an insider to unknowingly carry a USB with the data back out of a targeted facility. When it comes to high-value targets, these unusual techniques, which may sound theoretica

How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs

How to Steal Bitcoin Wallet Keys (Cold Storage) from Air-Gapped PCs
Apr 23, 2018
Dr. Mordechai Guri, the head of R&D team at Israel's Ben Gurion University, who previously demonstrated various methods to steal data from an air-gapped computer, has now published new research named " BeatCoin ." BeatCoin is not a new hacking technique; instead, it's an experiment wherein the researcher demonstrates how all previously discovered out-of-band communication methods can be used to steal private keys for a cryptocurrency wallet installed on cold storage, preferably an air-gapped computer or Raspberry Pi. For those unaware, keeping your cryptocurrency protected in a wallet on a device which is entirely offline is called cold storage. Since online digital wallets carry different security risks, some people prefer keeping their private keys offline. Air-gapped computers are those that are isolated from the Internet, local networks, Bluetooth and therefore, are believed to be the most secure devices and are difficult to infiltrate or exfiltrate.

MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data

MOSQUITO Attack Allows Air-Gapped Computers to Covertly Exchange Data
Mar 12, 2018
The team of security researchers—who last month demonstrated how attackers could steal data from air-gapped computers protected inside a Faraday cage—are back with its new research showing how two (or more) air-gapped PCs placed in the same room can covertly exchange data via ultrasonic waves. Air-gapped computers are believed to be the most secure setup wherein the systems remain isolated from the Internet and local networks, requiring physical access to access data via a USB flash drive or other removable media. Dubbed MOSQUITO , the new technique, discovered by a team of researchers at Israel's Ben Gurion University, works by reversing connected speakers (passive speakers, headphones, or earphones) into microphones by exploiting a specific audio chip feature. Two years ago, the same team of researchers demonstrated how attackers could covertly listen to private conversations in your room just by reversing your headphones (connected to the infected computer) into a micr

Brutal Kangaroo: CIA-developed Malware for Hacking Air-Gapped Networks Covertly

Brutal Kangaroo: CIA-developed Malware for Hacking Air-Gapped Networks Covertly
Jun 22, 2017
WikiLeaks has published a new batch of the ongoing Vault 7 leak , this time detailing a tool suite – which is being used by the CIA for Microsoft Windows that targets "closed networks by air gap jumping using thumb drives," mainly implemented in enterprises and critical infrastructures. Air-gapped computers that are isolated from the Internet or other external networks are believed to be the most secure computers on the planet have become a regular target in recent years. Dubbed Brutal Kangaroo (v1.2.1), the tool suit was allegedly designed by the Central Intelligence Agency (CIA) in year 2012 to infiltrate a closed network or air-gapped computer within an organization or enterprise without requiring any direct access. The previous version of Brutal Kangaroo was named as EZCheese , which was exploiting a vulnerability that was zero-day until March 2015, though the newer version was using " unknown link file vulnerability (Lachesis/RiverJack) related to the lib

New Hack Uses Hard Drive's Noise to Transfer Stolen Data from Air-Gapped Computer

New Hack Uses Hard Drive's Noise to Transfer Stolen Data from Air-Gapped Computer
Aug 12, 2016
Air-gapped computers that are isolated from the Internet and other computers are long considered to be the most secure and safest place for storing data in critical infrastructures such as industrial control systems, financial institutions, and classified military networks. However, these systems have sometimes been targeted in the past, which proves that these isolated systems are not completely secure. Previous techniques of hacking air gap computers include: AirHopper that turns a computer's video card into an FM transmitter to capture keystrokes; BitWhisper that relies on heat exchange between two computer systems to stealthily siphon passwords or security keys; Hacking air-gapped computer using a basic low-end mobile phone with GSM network; and Stealing the secret cryptographic key from an air-gapped computer placed in another room using a Side-Channel Attack. Now, researchers have devised a new method to steal data from an infected computer even if it has no

Chinese Hackers Target Air-Gapped Networks in Southeast Asia

Chinese Hackers Target Air-Gapped Networks in Southeast Asia
Apr 13, 2015
A State-sponsored Cyber Espionage Group -- most likely linked to the Chinese government becomes the first group to target the so-called " Air-Gapped Networks " that aren't directly connected to the Internet. What are Air-Gapped systems? Air-gapped systems are known to be the most safest and secure systems on the earth. These systems are isolated from the Internet or any other Internet-connected computers or external networks. Air-gapped systems are generally used in the critical situations that demand high security like in payment networks to process debit and credit card transactions, military networks, and in industrial control systems that operate critical infrastructure of the Nation. Why Air-Gapped? It is very difficult to siphon data from Air-Gapped systems because it requires a physical access to the target system or machine in order to do that and gaining physical access is possible only by using removable devices such as a firewire cab
Cybersecurity Resources