This evasive new cyberattack can bypass air-gapped systems to steal data from the most sensitive networks

Image: Getty/Manuel Breva Colmeiro

Cybersecurity researchers have demonstrated a novel method of cyberattack that could allow malicious hackers to steal information from some of the most well-protected computers.

Air-gapped systems are isolated from the internet due to the nature of the information they handle. The idea is that by being completely removed from both the public-facing internet and the rest of the network, any information stored and processed within them remains secure from unauthorised access by outsiders.

Typically, air-gapped systems are found in sensitive or high-risk environments – which are likely to be tempting targets for malicious hackers – including critical infrastructure, satellite and military networks

But a new technique demonstrated by researchers at Ben-Gurion University of the Negev’s Department of Software and Information Systems Engineering shows that it’s possible for attackers to breach air-gapped systems by exploiting low-frequency electromagnetic radiation generated by the targeted computer.

“The attack is highly evasive since it executes from an ordinary user-level process, does not require root privileges, and is effective even within a Virtual Machine,” Mordechai Guri, head of R&D of the Cyber Security Research Center at Ben Gurion University, wrote in a newly published research paper.

Also: Cybersecurity: These are the new things to worry about in 2023

Dubbed COVID-bit, the covert channel attack first relies on an attacker being able to gain physical access to the targeted system to plant malware on it using a USB drive. This could be a covert operative who has

Read more

Explore the site

More from the blog

Latest News