Steve Smith explains how air gapped machines get infected and how data is retrieved from such devices to be sent back to the attacker.
Episode #7-43 released on June 24, 2017
Infecting Air Gapped Machines seems like a new crazy idea, and seems like something out of amazingly sophisticated handbook, but the idea has been around for a long time. The technique stems from an old networking file transfer method, known as the Sneakernet. The Sneakernet predates common usage of the Internet of the masses, and allowed for data transfer to be handed off by hand. Diskettes and discs to be more precise. This meant that while getting a particular item was slow, it was harder to track, too. People today often use the Internet to acquire the same items, today. Now, the Sneakernet was, also, how many viruses were acquired back in the day, as well.
An Air gapped computer or device is typically a safer device. Air gapped machines are named as such, because they are not connected to any hard line, or wireless network. Then only way to get data to those machines is by manually transferring the data to them. This makes the infection vector for them much lower.
Using the Sneakernet method of infecting an air gapped machine, makes it possible to infect the device, but communicating data back and forth is troublesome, and almost impossible. At least, this is what most of us would believe. There are ways of making networks beyond cables, and WIFI, that many aren't aware of. Some of these methods include acoustic and light, which can use our microphones and webcams to transmit information between devices, with signals well outside our level of perception. There are other methods, such as seismic, magnetic, thermal, RF and portable multimedia, however each of those methods present more difficulty in being applied to a person who uses an air gapped device, because either the hardware does not exist, or timeline for data acquisition is unforeseeable.
For those wondering, the range of such a covert networking protocol has been demonstrated plausible up to 65 feet between two devices, and much further with a proper mesh network being deployed, which means that anyone who wishes to infect and communicate information from any device, possibly could. The next problem is, because of the CIA losing their own hacking technology, this could present itself as a very possible issue. And, due to the nature of virus creation, no device, nor operating system is safe from these methods, or attacks.
However, don't take my word for it, follow the breadcrumbs all the way home with my sources. Look at it for yourself. And, while you are at it, remember Stuxnet? This was an infection made possible by a Sneakernet attack. If anyone can infect an Iranian nuclear program facility, who knows what else people can do in less secure places.
Host : Steve Smith | Music : | Editor : Steve Smith | Producer : Zed Axis Dot Net
Feel free to ask more questions, comment on the content, share other possible solutions, and suggestions. An account is required, please register, or login to leave your comment. Thank you for your input.
Playing yet again as Talion, infused with the spirit of the Elf Lord Celebrimbor, you continue you quest against Sauron with a new ring forged, free of his corruption. You start the story seeking out Shelob, a Spider Queen who has recently kidnapped Elf Lord Celebrimbor, and you must make a heavy sacrifice in order to return in to your body. From then on you must fight against the hordes of Orcs commanded by Sauron to free Mordor, starting with the city Minas Ithil, where the Palantir is located. The Palantir is a valuable tool that would allow anyone to see what they would like to see, making it a great tool in winning the war over the entirety of Middle-earth. Your task, prevent Sauron by gaining the upper hand, or everything is lost.
Published on November 12th, 2017