A new method devised to leak information and jump over air-gaps takes advantage of Serial Advanced Technology Attachment (SATA) or Serial ATA cables as a communication medium, adding to a long list of electromagnetic, magnetic, electric, optical, and acoustic methods already demonstrated to plunder data.
“Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6GHz frequency band,” Dr. Mordechai Guri, the head of R&D in the Cyber Security Research Centre in the Ben Gurion University of the Negev in Israel, wrote in a paper published last week.
The technique, dubbed SATAn, takes advantage of the prevalence of the computer bus interface, making it “highly available to attackers in a wide range of computer systems and IT environments.”
Put simply, the goal is to use the SATA cable as a covert channel to emanate electromagnetic signals and transfer a brief amount of sensitive information from highly secured, air-gapped computers wirelessly to a nearby receiver more than 1m away.
An air-gapped network is one that’s physically isolated from any other networks in order to increase its security. Air-gapping is seen as an essential mechanism to safeguard high-value systems that are of huge interest to espionage-motivated threat actors.
images from Hacker News