Air gap systems are used, for example, in critical infrastructures. These are computers that are disconnected from the network and the Internet, and their information can only be accessed physically on site. This should reduce possible attacks from outside to a minimum. Security researchers, but also attackers, keep finding ways to circumvent the “air gap”.
WiFi cable
According to a report, the researchers have now succeeded in misusing a SATA cable as a radio antenna and using it to transmit information. For this to work, however, attackers would have to overcome a major hurdle and install malware on an air-gap system. The researchers dubbed the attack SATAn.
With their code, the researchers were able to repurpose a SATA cable as an antenna and transmit data in the 5.9995 and 5.9996 GHz range during read and write operations. According to their own statements, this made it possible for them to transmit the word “Secret” in the form of electromagnetic signals to a nearby computer. However, this only works at a maximum distance of 120 cm. The information is transmitted at 1 bit/s.
According to the researchers, a jammer in the form of a SATA jammer can disrupt the transmission in such a way that no usable information arrives at the end. However, this also leads to increased hard disk access and thus wear and tear.
The author of the paper, Mordechai Guri, has often successfully attacked air gap systems. At the end of 2021 he managed to do this with a LAN cable as an antenna.