Endpoint

5/11/2018
11:45 AM
Connect Directly
Twitter
Twitter
RSS
E-Mail
50%
50%

8 Ways Hackers Can Game Air Gap Protections

Isolating critical systems from connectivity isn't a guarantee they can't be hacked.
Previous
1 of 9
Next


Image Source: Adobe Stock (Phongphan Supphakank)

Image Source: Adobe Stock (Phongphan Supphakank)

The almighty air gap has long been critical systems' go-to last resort - the idea being if you pull the plug of connectivity on these systems and don't allow them any kind of access to the outside world, you'll eliminate the bad guys' ability to remotely carry out their attacks.

While it's true that air gaps can drastically shrink attack surface, they're far from infallible. Security researchers - particularly a few from Ben-Gurion University in Israel - have worked over the last five to 10 years to show that even the most meticulously isolated air gap can be overcome with some clever uses of side channels. Here are some of the most effective end-arounds of air gap defense.

 

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.  View Full Bio

Previous
1 of 9
Next
Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
White House Cybersecurity Strategy at a Crossroads
Kelly Jackson Higgins, Executive Editor at Dark Reading,  7/17/2018
Lessons from My Strange Journey into InfoSec
Lysa Myers, Security Researcher, ESET,  7/12/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14364
PUBLISHED: 2018-07-18
GitLab Community and Enterprise Edition before 10.7.7, 10.8.x before 10.8.6, and 11.x before 11.0.4 allows Directory Traversal with write access and resultant remote code execution via the GitLab projects import component.
CVE-2018-14387
PUBLISHED: 2018-07-18
An issue was discovered in WonderCMS before 2.5.2. An attacker can create a new session on a web application and record the associated session identifier. The attacker then causes the victim to authenticate against the server using the same session identifier. The attacker can access the user's acco...
CVE-2018-14388
PUBLISHED: 2018-07-18
joyplus-cms 1.6.0 has XSS via the manager/admin_ajax.php can_search_device array parameter.
CVE-2018-14389
PUBLISHED: 2018-07-18
joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter.
CVE-2018-12429
PUBLISHED: 2018-07-18
JEESNS through 1.2.1 allows XSS attacks by ordinary users who publish articles containing a crafted payload in order to capture an administrator cookie.