Skip to main content
  1. Home
  2. Computing
  3. News

The world’s most sensitive data could be vulnerable to this new hack

Monica J. White
By

A possible security attack has just been revealed by researchers, and while difficult to carry out, it could potentially endanger some of the most sensitive data in the world.

Dubbed “SATAn,” the hack turns a typical SATA cable into a radio transmitter. This permits the transfer of data even from devices that would otherwise not allow it at all.

SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables

As data protection measures grow more advanced and cyberattacks become more frequent, researchers and vicious attackers alike reach new heights of creativity in finding possible flaws in software and hardware. Dr. Mordechai Guri from the Ben-Gurion University of the Negev in Israel just published new findings that, once again, show us that even air-gapped systems aren’t completely secure.

Related

An air-gapped system or network is completely isolated from any and all connections to the rest of the world. This means no networks, no internet connections, no Bluetooth — zero connectivity. The systems are purposely built without any hardware that can communicate wirelessly, all in an effort to keep them secure from various cyberattacks. All of these security measures are in place for one reason: To protect the most vulnerable and sensitive data in the world.

Hacking into these air-gapped systems is exceedingly difficult and often requires direct access in order to plant malware. Removable media, such as USB stealers, can also be used. Dr. Guri has now found yet another way to breach the security of an air-gapped system. SATAn relies on the use of a SATA connection, widely used in countless devices all over the globe, in order to infiltrate the targetted system and steal its data.

Through this technique, Dr. Guri was able to turn a SATA cable into a radio transmitter and send it over to a personal laptop located less than 1 meter away. This can be done without making any physical modifications to the cable itself or the rest of the targeted hardware. Feel free to dive into the paper penned by Dr. Guri (first spotted by Tom’s Hardware) if you want to learn the ins and outs of this tech.

In a quick summary of how SATAn is able to extract data from seemingly ultra-secure systems, it all comes down to manipulating the electromagnetic interference generated by the SATA bus. Through that, data can be transmitted elsewhere. The researcher manipulated this and used the SATA cable as a makeshift wireless antenna operating on the 6GHz frequency band. In the video shown above, Dr. Guri was able to steal a message from the target computer and then display it on his laptop.

“The receiver monitors the 6GHz spectrum for a potential transmission, demodulates the data, decodes it, and sends it to the attacker,” said the researcher in his paper.

SATAn vulnerability shown in a photograph of an open PC case.
Dr. Mordechai Guri

The attack can only be carried out if the target device has malicious software installed on it beforehand. This, of course, takes the danger levels down a notch — but not all too much, seeing as USB devices can be used for this. Without that, the attacker would need to obtain physical access to the system to implant the malware before attempting to steal data through SATAn.

Rounding up the paper, Dr. Guri detailed some ways in which this type of attack can be mitigated, such as the implementation of internal policies that strengthen defenses and prevent the initial penetration of the air-gapped system. Making radio receivers forbidden inside facilities where such top-secret data is stored seems like a sensible move right now. Adding electromagnetic shielding to the case of the machine, or even just to the SATA cable itself, is also recommended.

This attack is certainly scary, but we regular folk most likely don’t need to worry. Given the complexity of the attack, it’s only worthy of a high-stakes game with nationwide secrets being the target. On the other hand, for those facilities and their air-gapped systems, alarm bells should be ringing — it’s time to tighten up the security.

Editors' Recommendations

Topics
40 years ago, Apple’s original Macintosh started a revolution
A classic Apple Macintosh shows a friendly hello on-screen.
Apple’s secret VR headset just got revealed in a huge leak
A person wearing a virtual reality headset.
Apple’s secret spring event could be in yet more trouble
Apple CEO, Tim Cook, stands on stage at the September 2021 Fall Apple Event.
Google turns to AI as it lays off 12,000 employees
Google Search with San Francisco wallpaper showing Google Account Safety Status icon over profile picture.
The best PC power supply for 2023
PC power supply in a case.
ChatGPT has a new way to detect its own plagiarism
The ChatGPT chatbot by OpenAIis now available for testing as a as a free research preview this week.
Samsung Galaxy Book 3 Ultra vs. MacBook Pro 16-inch
Someone typing on the Samsung Galaxy Book 3 Ultra.
The Galaxy Book 3 Ultra is Samsung’s most powerful laptop ever
Samsung Galaxy Book3 Ultra laptop.
Nvidia may have another monster GPU in the works, and the price could be outrageous
GeForce RTX logo is shown on the side of a graphics card.
AMD’s Ryzen 9 7950X3D pricing keeps the pressure on Intel
A hand holding AMD's Ryzen 9 7950X3D processor.
What is ChatGPT Plus? Everything we know about the premium tier
Close up of ChatGPT and OpenAI logo.
ChatGPT Plus to bring priority access during peak times — at a hefty price
ChatGPT and OpenAI logos.
Usually $3,879, this Lenovo laptop is down to $1,479 today
Opened Lenovo ThinkPad X1 Extreme Gen 4 sitting on the ground.