SATAn turns hard drive cable into antenna to defeat vacuum security
It looks like [Mordechai Guri's] lab at Ben-Gurion University is where the airless computers are going to die, or at least give up their secrets. And this hack using a computer's SATA cable as an antenna to exfiltrate data is another example of the number of side channel attacks the typical PC makes available.
The exploit, delightfully named "SATAn", relies on the fact that the SATA 3.0 interface used in many computers has a bandwidth of 6.0 Gb/s, which means that handling I/O computer would transmit data from an air-hole machine at around 6 GHz. It's a complicated exploit, of course, and involves placing a transmission program on the target machine using the usual methods, such as phishing or zero-day exploits. Once in place, the transmission program uses a combination of SATA drive read and write operations to generate RF signals that encode the data to be exfiltrated, with the data lines inside the SATA cable acting as antennas.
SATAn is shown in action in the video below. It takes a while to transmit just a few bytes of data, and the range is less than a meter, but that could be enough for the exploit to succeed. The test setup uses an SDR – specifically, an ADALM PLUTO – and a laptop, but you can easily imagine a much smaller package being built for a walk-by style stealth attack. [Mordechai] also offers a potential countermeasure for SATAn, which essentially overwrites the hard drive to generate RF noise to mask all generated signals.
Although probably limited in its practical applications, SATAn is an interesting side-channel attack to add to [Dr. Guri's List of Achievements]. From optical exfiltration using security cameras to turning power supplies into speakers, the vulnerabilities keep piling up.
Thanks to [chuckt] for the tip.
[via Bleeping Computer]
It looks like [Mordechai Guri's] lab at Ben-Gurion University is where the airless computers are going to die, or at least give up their secrets. And this hack using a computer's SATA cable as an antenna to exfiltrate data is another example of the number of side channel attacks the typical PC makes available.
The exploit, delightfully named "SATAn", relies on the fact that the SATA 3.0 interface used in many computers has a bandwidth of 6.0 Gb/s, which means that handling I/O computer would transmit data from an air-hole machine at around 6 GHz. It's a complicated exploit, of course, and involves placing a transmission program on the target machine using the usual methods, such as phishing or zero-day exploits. Once in place, the transmission program uses a combination of SATA drive read and write operations to generate RF signals that encode the data to be exfiltrated, with the data lines inside the SATA cable acting as antennas.
SATAn is shown in action in the video below. It takes a while to transmit just a few bytes of data, and the range is less than a meter, but that could be enough for the exploit to succeed. The test setup uses an SDR – specifically, an ADALM PLUTO – and a laptop, but you can easily imagine a much smaller package being built for a walk-by style stealth attack. [Mordechai] also offers a potential countermeasure for SATAn, which essentially overwrites the hard drive to generate RF noise to mask all generated signals.
Although probably limited in its practical applications, SATAn is an interesting side-channel attack to add to [Dr. Guri's List of Achievements]. From optical exfiltration using security cameras to turning power supplies into speakers, the vulnerabilities keep piling up.
Thanks to [chuckt] for the tip.
[via Bleeping Computer]
What's Your Reaction?
![Three of ID's top PR executives quit ad firm Powerhouse [EXCLUSIVE]](https://variety.com/wp-content/uploads/2023/02/ID-PR-Logo.jpg?#){kind=logo}
