cart

Members

Join Login

Membership and collaboration facilitated by Member 365.

Members

Join Login

Membership and collaboration facilitated by Member 365.

Industry News

  • News
  • Industry News
  • Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems

Academics turn RAM into Wi-Fi cards to steal data from air-gapped systems

AIR-FI technique can send stolen data at speeds of up to 100 b/s to Wi-Fi receivers at a distance of a few meters.

Academics from an Israeli university have published new research today detailing a technique to convert a RAM card into an impromptu wireless emitter and transmit sensitive data from inside a non-networked air-gapped computer that has no Wi-Fi card. Named AIR-FI, the technique is the work of Mordechai Guri, the head of R&D at the Ben-Gurion University of the Negev, in Israel.

Over the last half-decade, Guri has led tens of research projects that investigated stealing data through unconventional methods from air-gapped systems. These types of techniques are what security researchers call "covert data exfiltration channels". They are not techniques to break into computers, but techniques that can be used to steal data in ways defenders aren't expecting. Such data exfiltration channels are not a danger for normal users, but they are a constant threat for the administrators of air-gapped networks.

Air-gapped systems are computers isolated on local networks with no external internet access. Air-gapped systems are often used on government, military, or corporate networks to store sensitive data, such as classified files or intellectual property.

While AIR-FI would be considered a "stunt hack" in the threat model of normal users, it is, however, the type of attack that forces many companies to reconsider the architecture of their air-gapped systems that store high-value assets.

For the complete article, please visit:
https://www.zdnet.com/article/academics-turn-ram-into-wifi-cards-to-steal-data-from-air-gapped-systems/


Author: Catalin Cimpanu


The Colloquium recognizes that the protection of information and infrastructures that are used to create, store, process, and communicate information is vital to business continuity and security. The Colloquium's goal is to work together to define current and emerging requirements for information assurance education and to influence and encourage the development and expansion of information assurance curricula, especially at the graduate and undergraduate levels.

CISSE Workshop²

Thank you for participating. Workshop briefing will be published shortly.

Overview

Recent Posts