SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables

@article{Guri2022SATAnAE,
  title={SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables},
  author={Mordechai Guri},
  journal={2022 19th Annual International Conference on Privacy, Security \& Trust (PST)},
  year={2022},
  pages={1-10}
}
  • Mordechai Guri
  • Published 15 July 2022
  • Computer Science
  • 2022 19th Annual International Conference on Privacy, Security & Trust (PST)
This paper introduces a new type of attack on isolated, air-gapped workstations. Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6 GHz frequency band. The Serial ATA (SATA) is a bus interface widely used in modern computers and connects the host bus to mass storage devices such as hard disk drives, optical drives, and solid-state drives. The prevalence of the SATA interface makes this… 

References

SHOWING 1-10 OF 43 REFERENCES

GSMem: Data Exfiltration from Air-Gapped Computers over GSM Frequencies

TLDR
GSMem, a malware that can exfiltrate data through an air-gap over cellular frequencies, is presented and its efficacy and feasibility are demonstrated, achieving an effective transmission distance of 1 - 5.5 meters with a standard mobile phone.

PowerHammer: Exfiltrating Data From Air-Gapped Computers Through Power Lines

TLDR
An implementation, evaluation, and analysis of PowerHammer - an attack that uses power lines to exfiltrate data from air-gapped computers that fully conforms to civilian and military conductive emission standards is provided.

USBee: Air-gap covert-channel via electromagnetic emission from USB

TLDR
It is demonstrated how a software can intentionally generate controlled electromagnetic emissions from the data bus of a USB connector, and it is shown that the emitted RF signals can be controlled and modulated with arbitrary binary data.

BitWhisper: Covert Signaling Channel between Air-Gapped Computers Using Thermal Manipulations

TLDR
This paper demonstrates BitWhisper, a method of bridging the air-gap between adjacent compromised computers by using their heat emissions and built-in thermal sensors to create a covert communication channel, which supports bidirectional communication and requires no additional dedicated peripheral hardware.

AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies

TLDR
AirHopper is presented, a bifurcated malware that bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals and it is demonstrated how textual and binary data can be exfiltrated from physically isolated computer to mobile phones at a distance of 1-7 meters.

Exfiltrating data from air-gapped computers via ViBrAtIoNs

BitJabber: The World’s Fastest Electromagnetic Covert Channel

TLDR
A new physical covert channel named BitJabber is introduced that is extremely fast and strong enough to even penetrate concrete walls and can enable data exfiltration from an air-gapped computer enclosed in a room with thick concrete walls up to 15 cm.

CTRL-ALT-LED: Leaking Data from Air-Gapped Computers Via Keyboard LEDs

TLDR
This paper extensively explore the exfiltration malware of an advanced persistent threat (APT) using the keyboard LEDs to encode information and exfiltrate data from airgapped computers optically in the context of a modern cyber-attack with current hardware and optical equipment.

Air-Gap Covert Channels

TLDR
It is empirically demonstrated that using physically unmodified, commodity systems, covert-acoustic channels can be used to communicate at data rates of hundreds of bits per second, without being detected by humans in the environment, and data rates when nobody is around to hear the communication.