Wednesday, October 5

SATAn: the hack reaches further and transmits data as if it were the radio | Digital Trends Spanish

A potential security attack has just been revealed by researchers, and while difficult to pull off, it could put some of the world’s most sensitive data at risk.

Nicknamed “SATAN”, the hack converts a typical SATA cable into a radio transmitter. This allows data transfer even from devices that would otherwise not allow it at all.

SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables

As data protection measures become more advanced and cyber attacks become more frequent, researchers and vicious attackers alike reach new heights of creativity to find potential flaws in software and hardware. Dr. Mordechai Guri of Ben-Gurion University of the Negev in Israel has just published new findings that once again show us that even air-gapped systems are not completely safe.

An air-gapped system or network is completely isolated from any and all connections to the rest of the world. This means that there are no networks, no Internet connections, no Bluetooth, zero connectivity. The systems are purposefully built without any hardware that can communicate wirelessly, all in an effort to keep them safe from various cyber attacks. All of these security measures are in place for one reason: to protect the world’s most vulnerable and sensitive data.

Hacking these air-gapped systems is extremely difficult and often requires direct access to plant malware. Removable media can also be used, such as USB thieves. Dr. Guri has now found another way to breach the security of an air-gapped system. SATAn relies on the use of a SATA connection, widely used in countless devices around the world, to infiltrate the target system and steal its data.

Through this technique, Dr. Guri was able to turn a SATA cable into a radio transmitter and send it to a personal laptop located less than 1 meter away. This can be done without making any physical modifications to the cable itself or the rest of the target hardware. Feel free to dive in document written by Dr. Guri (first seen by Tom’s Hardware) if you want to learn the ins and outs of this technology.

In a quick summary of how SATAn is able to extract data from seemingly ultra-secure systems, it all boils down to manipulating the electromagnetic interference generated by the SATA bus. Through that, the data can be transmitted to another place. The researcher manipulated this and used the SATA cable as a makeshift wireless antenna that operates in the 6GHz frequency band. In the video shown above, Dr. Guri was able to steal a message from the target computer and then display it on his laptop.

“The receiver monitors the 6GHz spectrum for potential transmission, demodulates the data, decodes it, and sends it to the attacker,” the researcher said in his paper.

Dr Mordechai Guri

The attack can only be carried out if the target device has malware installed beforehand. This of course reduces the danger levels, but not too much, as USB sticks can be used for this. Without that, the attacker would need to gain physical access to the system to implant the malware before attempting to steal data via SATAn.

Rounding out the document, Dr. Guri detailed some ways in which this type of attack can be mitigated, such as the implementation of internal policies that strengthen defenses and prevent initial penetration of the airspace system. Having radio receivers banned inside facilities where such top-secret data is stored seems like a sensible move at the moment. It is also recommended to add electromagnetic shielding to the machine case, or even just to the SATA cable itself.

This attack is certainly scary, but ordinary people most likely don’t have to worry. Given the complexity of the attack, it’s only worthy of a high-stakes game targeting national secrets. On the other hand, for those facilities and their air-gapped systems, alarm bells should be ringing: it’s time to beef up security.

Publisher Recommendations