Colin Mc Hugo

0 %
Colin Mc Hugo
Security Engineer Manager & CEO at Quantum Infinite Solutions Group Ltd.
  • Residence:
  • County:
  • Country:
Cyber Security Incident Response
Management & Architecture of Cyber Security Teams
Solutions & Coaching
  • Cyber Security Incident Response
  • Management & Architecture of Cyber Security Teams
  • Solutions
  • Training & Coaching

New Air-Gap Attack Uses SATA Cable as an Antenna to Transfer Radio Signals — The Hacker News

July 19, 2022
Air-Gap Attack

A brand-new approach created to leakage info as well as dive over air-gaps makes use of Serial Advanced Modern Technology Add-on (SATA) or Serial ATA cable televisions as an interaction tool, contributing to a long list of electro-magnetic, magnetic, electrical, optical, as well as acoustic approaches currently showed to ransack information.

” Although air-gap computer systems have no cordless connection, we reveal that opponents can make use of the SATA cable television as a cordless antenna to move radio signals at the 6GHz regularity band,” Dr. Mordechai Guri, the head of R&D in the Cyber Protection Proving Ground in the Ben Gurion College of the Negev in Israel, wrote in a paper released recently.

The strategy, referred to as SATAn, makes use of the occurrence of the computer system bus user interface, making it “very readily available to opponents in a variety of computer system systems as well as IT settings.”

Simply put, the objective is to make use of the SATA cable television as a concealed network to originate electro-magnetic signals as well as move a short quantity of delicate info from very safeguarded, air-gapped computer systems wirelessly to a neighboring receiver greater than 1m away.


An air-gapped network is one that’s literally separated from any kind of various other networks in order to boost its protection. Air-gapping is viewed as a vital system to guard high-value systems that are of massive rate of interest to espionage-motivated risk stars.

That claimed, strikes targeting vital mission-control systems have actually expanded in number as well as elegance over the last few years, as observed just recently when it comes to Industroyer 2 as well as PIPEDREAM (also known as INCONTROLLER).

Dr. Guri is familiar with creating unique methods to draw out delicate information from offline networks, with the scientist preparing 4 various methods considering that the begin of 2020 that utilize numerous side-channels to surreptitiously siphon info.

These consist of illumination (LCD display illumination), POWER-SUPPLaY (power supply system), AIR-FI (Wi-Fi signals), as well as LANtenna (Ethernet cable televisions). The most recent strategy is no various, in which it makes use of the Serial ATA cable television to attain the exact same objectives.

Serial ATA is a bus user interface as well as an Integrated Drive Electronic Devices (IDE) requirement that’s utilized to move information at greater prices to mass storage space tools. Among its primary usages is to link disk drive (HDD), solid-state drives (SSD), as well as optical drives (CD/DVD) to the computer system’s motherboard.


Unlike breaching a typical network using spear-phishing or sprinkling openings, jeopardizing an air-gapped network needs extra complicated methods such as a supply chain assault, utilizing detachable media (e.g., USBStealer as well as USBFerry), or rogue experts to plant malware.

For an opponent whose objective is to swipe secret information, economic information, as well as copyright, the preliminary infiltration is just the begin of the assault chain that’s complied with by reconnaissance, information celebration, as well as information exfiltration via workstations which contain energetic SATA user interfaces.

In the last information function stage, the transmitted information is caught via a surprise receiver or depends on a destructive expert in a company to lug a radio receiver near the air-gapped system. “The receiver keeps an eye on the 6GHz range for a prospective transmission, demodulates the information, deciphers it, as well as sends it to the opponent,” Dr. Guri described.

As countermeasures, it’s advised to take actions to stop the risk star from obtaining a first grip, make use of an outside Superhigh frequency (RF) tracking system to discover abnormalities in the 6GHz regularity band from the air-gapped system, or additionally contaminating the transmission with arbitrary read as well as compose procedures when a dubious concealed network task is identified.

Posted in SecurityTags:
Write a comment