< New Article: Revisiting SOHO Router Attacks

New Article: HVACKer - Bridging the Air-Gap by Manipulating the Environment Temperature

by Yisroel Mirsky and Mordechai Guri and Yuval Elovici

Modern corporations physically separate their sensitive computational infrastructure from public or other accessible networks in order to prevent cyber-attacks. However, attackers still manage to infect these networks, either by means of an insider or by infiltrating the supply chain. Therefore, an attacker’s main challenge is to determine a way to command and control the compromised hosts that are isolated from an accessible network (e.g., the Internet).
In this paper, we propose a new adversarial model that shows how an air gapped network can receive communications over a covert thermal channel. Concretely, we show how attackers may use a compromised air-conditioning system (connected to the internet) to send commands to infected hosts within an air-gapped network. Since thermal communication protocols are a rather unexplored domain, we propose a novel lineencoding and protocol suitable for this type of channel. Moreover, we provide experimental results to demonstrate the covert channel’s feasibility, and to calculate the channel’s bandwidth. Lastly, we offer a forensic analysis and propose various ways this channel can be detected and prevented.  We believe that this study details a previously unseen vector of attack that security experts should be aware of.
This article appears in the special edition „In Depth Security – Proceedings of the DeepSec Conferences Vol. 2“. Edited by Stefan Schumacher and René Pfeiffer


The Article can be found at http://www.sicherheitsforschung-magdeburg.de/uploads/journal/MJS_055_Mirsky_AirgapTemperature.pdf