This paper introduces a new type of attack on isolated, air-gapped workstations. Although air-gap computers have no wireless connectivity, we show that attackers can use the SATA cable as a wireless antenna to transfer radio signals at the 6 GHz frequency band. The Serial ATA (SATA) is a bus interface widely used in modern computers and connects the host bus to mass storage devices such as hard disk drives, optical drives, and solid-state drives. The prevalence of the SATA interface makes this attack highly available to attackers in a wide range of computer systems and IT environments. We discuss related work on this topic and provide technical background. We show the design of the transmitter and receiver and present the implementation of these components. We also demonstrate the attack on different computers and provide the evaluation. The results show that attackers can use the SATA cable to transfer a brief amount of sensitive information from highly secured, air-gap computers wirelessly to a nearby receiver. Furthermore, we show that the attack can operate from user mode, is effective even from inside a Virtual Machine (VM), and can successfully work with other running workloads in the background. Finally, we discuss defense and mitigation techniques for this new air-gap attack.
翻译:本文介绍了对孤立的、空中封闭的工作站的新型攻击。虽然空格计算机没有无线连接,但我们表明攻击者可以使用SATA电缆作为无线天线,在6千兆赫频率波段传输无线电信号。Siral ATA(SATA)是一个公共汽车界面,在现代计算机中广泛使用,并将主机与大规模储存设备如硬盘驱动器、光学驱动器和固态驱动器连接起来。SATA接口的普及使得攻击者在广泛的计算机系统和信息技术环境中极易获得这种攻击。我们讨论与这个主题有关的工作并提供技术背景。我们展示了发射机和接收机的设计,并展示了这些部件的实施。我们还展示了对不同计算机的攻击并提供评价。结果显示,攻击者可以使用SATA电缆,从高度安全、空中定位计算机无线向附近的接收器传送一小量的敏感信息。此外,我们表明攻击可以从用户模式运作,甚至从虚拟机器(VM)内部有效,而且能够成功地处理其他攻击工作量。我们讨论的是用于这种空中的防御和减缓技术。