Security researchers have come up with a way to pull data from airborne networks by eavesdropping on the radio frequencies of SATA cables. The attack, SATAn, can read very little data per second, including from systems without root privileges and from virtual machines.
The research was conducted by scientists from Ben-Gurion University of the Negev, Israel. Researchers Call their findings SATAn. In the paper, the researchers were able to manipulate a computer within an air-gap network to transmit data, which could then be transmitted via a SATA cable. In practice, it would be difficult to exploit this method of attack. This is partly because the researchers had to manipulate the victim’s PC to send the data.
For the study, scientists hacked an Ubuntu computer with homemade malware. When setup, they assume that an attacker has physical access to the system. For a successful attack, desktops must use at least a SATA III cable, which has a bandwidth of 6 Gbit/s. The cables transmit an electromagnetic signal with a width between 5.9995 GHz and 5.9996 GHz. The malware that researchers put on the target computer uses an algorithm to convert the information into a signal that then reaches a receiver. The researchers were able to send, read and decode a “password” to a laptop computer containing an RF receiver. According to the makers, this should also be technically feasible
writereferences to a computer, but this has two drawbacks. Firstly, the signal is much weaker, it takes longer to transmit information and sometimes there is noise in the signal. Second, writes require more permissions on the target PC.
The hack can only be carried out on systems where the victim has user rights. It is also possible to carry out the attack from a virtual machine, although the researchers warn that the transfer speed will be significantly reduced.
The investigation was conducted by a team led by Mordechai Gouri. It has conducted dozens of investigations into malware and data intrusion in the past. They all follow roughly the same pattern, but differ in the way the data is intercepted. Sometimes this is caused by the noise of hard drives or fans, and other times by manipulating the lights on the routers or the heat of the CPUs. Tweakers wrote last year Article about Gauri and his methods.
What is striking about the SATA study is that the researchers describe just how they can read the transmitted information themselves. Some of Gorey’s other studies have looked specifically at how to read passwords or other information, for example secure pocketsbut this does not happen here.
SATAn also has some other limitations. For example, a laptop with a radio receiver cannot be very far from the affected laptop because there is a lot of noise on the line. Researchers talk about a maximum of 1.2 meters. The further away the laptop is, the worse the signal becomes. Also, heavy use of computers may affect the signal that can be read.
“Lifelong zombie fanatic. Hardcore web practitioner. Thinker. Music expert. Unapologetic pop culture scholar.”