-
Article
AIR-Jumper: How can security camera lights transmit data?
Researchers developed aIR-Jumper, an exploit that leverages lights within security cameras to extract data. Learn how this attack works and how to prevent it with expert Nick Lewis.
-
Article
Brutal Kangaroo USB malware could be reverse-engineered
The Brutal Kangaroo USB malware leaked from the CIA's Vault 7 could pose a threat to air-gapped computers if hackers reverse-engineer it.
-
Article
DEFCON hopes voting machine hacking can secure systems
The first official report on voting machine hacking from DEFCON suggests the need for pen testing, basic security guidelines and cooperation from local and federal governments.
-
Article
DHS' Dragonfly ICS campaign alert isn't enough, experts say
The Department of Homeland Security released an alert confirming the Dragonfly ICS cyberattack campaign, but experts said more action is needed to protect critical infrastructure.
Editor's note
Air gap attacks are a growing cyberthreat that makes air-gapped networks, which are cut off from the internet, vulnerable to attack. While air-gapped systems are typically used to protect critical systems and data, attackers have found a way to circumvent those protective gaps to gain access to the systems, as well as to covertly exfiltrate data from them.
This guide is a collection of expert advice and recent news and analysis on air gap attacks, as well as the history of such attacks, to alert infosec professionals to this danger.
1. How USB malware gets around the air gap defense
One way that hackers are beating the air gap is through the use of USB malware, such as USB Thief, as it can infect targeted systems leaving little, if any, trace. These threats use different techniques to jump air gaps in order to spread malware across a network, create covert channels for transmitting sensitive data, and even permanently disable or destroy targeted systems.
-
Article
Brutal Kangaroo: How does it hop to air-gapped computers?
The CIA Vault 7 cache exposed the Brutal Kangaroo USB malware, which can be spread to computers without an internet connection. Learn how this is possible with expert Nick Lewis.
-
Article
Proof-of-concept malware jumps air gap with sound card
Researchers demonstrate proof-of-concept malware exfiltrating data using high-frequency transmissions inaudible to humans.
-
Article
How does USBee turn USB storage devices into covert channels?
USB storage devices can be turned into covert channels with a software tool called USBee. Expert Nick Lewis explains how to protect your enterprise data from this attack.
-
Article
How does USB Killer v3 damage devices through their USB connections?
USB Killer devices, with the ability to destroy systems via a USB input, are available and inexpensive. Expert Nick Lewis explains how they work and how to defend against this threat.
2. Stuxnet and the origins of air gap attacks
One of the first instances of an air gap attack was the Stuxnet worm in 2010. While the original attack targeted Iran's nuclear facility at Natanz, variants of the Stuxnet worm have been discovered in enterprises over the years. This section looks back at Stuxnet and the shadow it still casts over the threat landscape.
-
Article
Stuxnet hit Chevron’s systems, the energy giant admits
US energy giant Chevron has revealed that it was hit by the Stuxnet virus in 2010.
-
Article
Stuxnet worm flaw still the most exploited after seven years
Security researchers say the vulnerability behind the infamous Stuxnet worm is still the most exploited in the world, seven years after being patched.
-
Article
After Stuxnet: Windows Shell flaw still most abused years later
A Windows Shell flaw used by the Stuxnet worm continues to pose problems years after it was patched. Nick Lewis explains how the flaw exposes enterprise security shortcomings.