Novel attack method exfiltrates data from air-gapped systems

Data could be exfiltrated from air-gapped systems through a new covert channel dubbed "COVID-bit", developed by Offensive-Defensive Cyber Research Lab Head Dr. Mordechai Guri, The Hacker News reports. COVID-bit relies on malware planted on the air-gapped machine to produce low-frequency electromagnetic radiation, which is then picked up by an attacker device from a distance of at least two meters, according to Guri. Binary data is encoded in the emissions using frequency-shift keying. "By regulating the workload of the CPU, it is possible to govern its power consumption and hence control the momentary switching frequency of the [switched-mode power supply]," said Guri, who added that the emanations are then demodulated to extract the data, without the need for elevated privileges. Such an attack could be averted by implementing dynamic opcode analysis for threat identification, starting random workloads on CPUs when malicious activity is detected, and tracking or curbing low-frequency signals, according to the report.
