• XRATOR
  • Our Experts
  • Contact Us
  • Privacy & Policy
Conquer your risk
  • Home
  • Articles
  • News
  • Research
  • State of the art
No Result
View All Result
  • Home
  • Articles
  • News
  • Research
  • State of the art
No Result
View All Result
Conquer your risk
No Result
View All Result
Home Cyber Attacks

COVID-bit Attack: A New Air-Gapped Networks Intrusion Vector

New type of air-gapped network attack enables information leakage through low-frequency electromagnetic radiation.

Gwendal SmithbyGwendal Smith
February 9, 2023
in Articles, Cyber Attacks, Vulnerability & Weakness
0
COVID-bit Attack: A New Air-Gapped Networks Intrusion Vector

Air-gapped networks are considered to be the safest of all. These networks are physically isolated from other systems and networks, making it difficult for hackers to penetrate them. However, a recent breakthrough in the world of cybersecurity has put air-gapped networks at risk. The COVID-bit attack is a new type of attack that enables the leaking of sensitive information from air-gapped systems to nearby receivers carried by a malicious person.

There have been several high-profile cases of air-gapped systems being targeted by malicious actors. For example the Stuxnet worm targeted the Iranian nuclear program in 2010. It was able to spread from a computer connected to the internet to an air-gapped network containing centrifuges that were being used to enrich uranium. The worm caused these centrifuges to spin out of control, effectively sabotaging the nuclear program.

Another example is Agent.BTZ, a piece of malware that targeted U.S. military networks in 2008. Allegedly used by the Turla advanced threat group, the malware was able to spread from a computer connected to the internet to air-gapped systems within the military network, allowing sensitive information to be exfiltrated.

What is COVID-Bit Attack?

A researcher has uncovered a new type of attack called COVID-Bit in a paper: “COVID-bit: Keep a Distance of (at least) 2m From My Air-Gap Computer!“. COVID-Bit is a novel attack that enables the leaking of sensitive information from air-gapped systems to nearby receivers carried by a malicious person. The attack works by exploiting modern computers’ dynamic power and voltage regulation and manipulating the loads on CPU cores. This manipulation generates electromagnetic radiation in specific low-frequency bands, which is then intercepted by a nearby receiver, such as a smartphone.

The COVID-bit attack can operate from a normal user-level process and even within a virtual machine (VM). The researchers who discovered this attack have successfully leaked information from air-gapped workstations to nearby receivers at a bandwidth of 1000 bits/sec. This is a significant discovery that poses a serious threat to the security of air-gapped networks.

Risks and Threats of Air-Gapped Bypass

To understand the gravity of the situation, let’s take a closer look at how air-gapped networks work and why they were considered to be the safest of all. Air-gapped networks are physically isolated from other systems and networks, meaning that they do not have any direct connections to the internet or other networks. This makes it difficult for hackers to penetrate these networks, as they cannot access them remotely.

However, with the COVID-bit attack, hackers can now target air-gapped networks by physically being near the target system. They can carry a nearby receiver, such as a smartphone, and use it to intercept sensitive information that is encoded in low-frequency electromagnetic radiation. This puts the security of air-gapped networks at risk, as they are now vulnerable to physical attacks.

Protecting Against COVID-Bit Attacks

So, what can be done to protect air-gapped networks from the COVID-bit attack? There are several countermeasures that can be put in place to reduce the risk of a successful attack. These include hardware-based solutions, such as external electromagnetic receivers that persistently monitor the relevant spectrum of 0 – 60 kHz. Another hardware-based solution is to use a radio frequency jamming system to block the reception or transmission of signals in the relevant frequency bands of 0 – 60 kHz.

However, these solutions are not foolproof, as malicious insiders and implanted hardware can still compromise the security of air-gapped networks. In such cases, physical security measures such as Faraday shielding can be used to prevent electromagnetic emissions from the computer systems. This approach involves encasing the entire system in a thin layer of conductive material or metal mesh.

Conclusion

COVID-Bit is a new and dangerous threat to air-gapped networks, and it is essential that organizations take steps to protect themselves against this type of attack. While there are countermeasures that can be put in place, such as using external electromagnetic receivers or radio jamming systems, it is important to understand that no solution is foolproof. The only way to ensure the security of sensitive information is to implement multiple layers of security and to stay vigilant against new threats like COVID-Bit.

Tags: Agent.BTZAirgapPhysical SecurityStuxnetTurla

Categories

  • Cybercrime
  • Malware
  • Vulnerability & Weakness
  • Threat Intelligence
  • Cyber Attacks
  • Cybersecurity
  • Offensive Security
  • Risk Management
  • Cyberdefense
  • Cyber Insurance

Popular News

  • The H-Factor: Turning Human Into The Strongest Link Of Your Cybersecurity Strategy

    The H-Factor: Turning Human Into The Strongest Link Of Your Cybersecurity Strategy

    0 shares
    Share 0 Tweet 0
  • Understanding and Mitigating the Risk of Computer Memory Exploitation

    0 shares
    Share 0 Tweet 0
  • Three Social Impacts of Ransomware Operations

    0 shares
    Share 0 Tweet 0
  • Methods to Conduct an Insider Threat Risk Assessment

    0 shares
    Share 0 Tweet 0
  • Why Lockbit does fake cyberattacks ?

    0 shares
    Share 0 Tweet 0

"Conquer Your Risk" is a corporate blog for Cybersecurity and Risk Management executives and specialists, sharing XRATOR experts' views on Cybersecurity, Threat Intelligence, Risk Management and Cyber Insurance.

Categories

  • Articles
  • Cyber Attacks
  • Cyber Insurance
  • Cybercrime
  • Cyberdefense
  • Cybersecurity
  • Malware
  • News
  • Offensive Security
  • Research
  • Risk Management
  • Scams
  • State of the art
  • Threat Intelligence
  • Vulnerability & Weakness

Quick Links

  • XRATOR
  • Our Experts
  • Privacy Policy
  • Contact Us

XRATOR® – copyright 2020-2021

No Result
View All Result
  • Contact Us
  • Homepages

© 2018 JNews by Jegtheme.

Manage Cookie Consent
We use cookies to optimize our website and our service.
By closing this windows, you automatically deny non-functionals cookies.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
Preferences
{title} {title} {title}
Manage Cookie Consent
We use cookies to optimize our website and our service.
Functional Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes. The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.
Manage options Manage services Manage vendors Read more about these purposes
Preferences
{title} {title} {title}