
Hackers can Overcome Air-Gapped Systems to Steal Data


What are air-gapped systems?

An air gap is a safety feature that isolates a computer or network and prevents it from connecting to the outside world. A computer that is physically isolated and air-gapped is unable to communicate, wirelessly or over a physical connection, with other computers or network components.

To move data onto an air-gapped system, it must first be copied from the source computer or network onto a removable media device, like a USB drive, and then physically transported to the air-gapped system. Only a select group of trusted users should be able to access the air-gapped system in situations where security is of the utmost importance.

New Technique 

Researchers at Ben-Gurion University of the Negev's Department of Software and Information Systems Engineering have developed a novel method for breaching air-gapped systems that takes advantage of the computer's low-frequency electromagnetic radiation.

According to Mordechai Guri, director of research and development at the Cyber Security Research Center at Ben Gurion University, "the attack is very evasive because it executes from a regular user-level process, does not require root capabilities, and is successful even within a Virtual Machine."

The COVID-bit technique makes use of on-device malware to produce electromagnetic radiation in the 0–60 kHz frequency region, which is then transmitted and detected by a covert receiving device in close vicinity.

After SATAn, GAIROSCOPE, and ETHERLED, which are intended to hop across air-gaps and extract private data, COVID-bit is the most recent method developed by Dr. Guri this year.

COVID-bit, one of these covert channels, lets the malware communicate information by utilizing electromagnetic emissions from a component known as a switched-mode power supply (SMPS) and encoding the binary data using a technique known as frequency-shift keying (FSK).

To protect air-gapped computers from this kind of attack, the research article advises limiting the frequencies that some CPUs can use, in addition to employing antivirus software that can recognize strange CPU patterns.
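To illustrate what FSK in the 0–60 kHz band looks like from the monitoring side, the following added example (not code from the original post or from the researchers) flags a sampled capture whose strongest tone hops between exactly two frequencies. The sample rate, window length, tone values and function names are assumptions, and the test signal is constructed.

```python
import math

SAMPLE_RATE = 192_000   # Hz; assumed capture rate of a monitoring receiver
WINDOW = 1920           # samples per analysis window (10 ms, 100 Hz resolution)

def goertzel_power(samples, freq, rate=SAMPLE_RATE):
    """Signal power at a single frequency (Goertzel algorithm)."""
    coeff = 2.0 * math.cos(2.0 * math.pi * freq / rate)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return s1 * s1 + s2 * s2 - coeff * s1 * s2

def dominant_tones(samples, lo=2_000, hi=60_000, step=2_000):
    """Strongest frequency in the lo..hi band for each window."""
    tones = []
    for start in range(0, len(samples) - WINDOW + 1, WINDOW):
        win = samples[start:start + WINDOW]
        tones.append(max(range(lo, hi + 1, step),
                         key=lambda f: goertzel_power(win, f)))
    return tones

def looks_like_fsk(tones, min_switches=4):
    """Flag a capture whose dominant tone hops between exactly two values."""
    switches = sum(1 for a, b in zip(tones, tones[1:]) if a != b)
    return len(set(tones)) == 2 and switches >= min_switches

def synth(freqs_per_window):
    """Constructed test signal: one pure tone per window."""
    out = []
    for f in freqs_per_window:
        out.extend(math.sin(2 * math.pi * f * n / SAMPLE_RATE)
                   for n in range(WINDOW))
    return out

# Constructed captures: two-tone hopping versus a steady emission.
HOPPING = [20_000, 24_000, 24_000, 20_000, 24_000, 20_000, 20_000, 24_000]
STEADY = [20_000] * 8

if __name__ == "__main__":
    for name, plan in (("hopping", HOPPING), ("steady", STEADY)):
        tones = dominant_tones(synth(plan))
        print(name, tones, "FSK-like" if looks_like_fsk(tones) else "no FSK pattern")
```

A real capture would also contain noise and other emitters, so the two-value test would need a tolerance and a minimum power threshold.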

IT breach Forces Virginia Museum to Shut Down its Website

 

The Virginia Museum of Fine Arts announced this week that it identified an intrusion in the security of its information technology system late last month that forced the museum to take the website offline for a state investigation. 

The Richmond Times-Dispatch reports that there’s no evidence to suggest that the breach is linked to the ransomware attack on Virginia legislative agencies’ IT systems. The state police are investigating a ransomware attack on state legislative agencies, which was unearthed late Sunday night. 

In addition, there is no evidence that private or financial details were accessed or compromised, spokeswoman Jan Hatchette stated in response to an inquiry by the Richmond Times-Dispatch. The museum said it hopes to restore the website by the end of next week.

 
According to the museum, which is an independent agency of the state, the Virginia Information Technologies Agency discovered a breach in the website in late November, along with “evidence indicating an existing security threat from an unauthorized third-party.”

As a precautionary measure, the museum website will remain offline until the breach is investigated, contained and the website’s functionality is restored. A temporary website was put up “until the restoration is complete,” Hatchette stated.

"We realize that this has been an inconvenience to our members, visitors, community and staff and we appreciate their patience and support as we work diligently to restore our website to its full capacity (hopefully by end of day Friday). We are committed to the ongoing enhancement of our website security infrastructure in an effort to prevent incidents like this from occurring again," she concluded.

Earlier this week, the Department of Behavioral Health and Developmental Services also acknowledged that its IT system for employee timesheets has been "crippled" by a ransomware attack on the global KRONOS network that serves the executive branch agency. However, the organization adopted a manual system to ensure that the staff was paid on time. "State facilities have switched back to manual systems that are very time-intensive, but they will get the job done and ensure staff are paid," spokeswoman Lauren Cunningham stated.

Last year, Fairfax County Public Schools, Virginia’s largest school system, was targeted, and the hackers demanded a ransom payment in exchange for stolen personal information. The school system blamed the problems on internet provider Verizon, but Verizon said it did not experience any service outages.