
The world’s most sensitive data could be vulnerable to this new hack

A possible security attack has just been revealed by researchers, and while difficult to carry out, it could potentially endanger some of the most sensitive data in the world.

Dubbed “SATAn,” the hack turns a typical SATA cable into a radio transmitter. This permits the transfer of data even from devices that would otherwise not allow it at all.

SATAn: Air-Gap Exfiltration Attack via Radio Signals From SATA Cables

As data protection measures grow more advanced and cyberattacks become more frequent, researchers and vicious attackers alike reach new heights of creativity in finding possible flaws in software and hardware. Dr. Mordechai Guri from the Ben-Gurion University of the Negev in Israel just published new findings that, once again, show us that even air-gapped systems aren’t completely secure.

An air-gapped system or network is completely isolated from any and all connections to the rest of the world. This means no networks, no internet connections, no Bluetooth — zero connectivity. The systems are purposely built without any hardware that can communicate wirelessly, all in an effort to keep them secure from various cyberattacks. All of these security measures are in place for one reason: To protect the most vulnerable and sensitive data in the world.

Hacking into these air-gapped systems is exceedingly difficult and often requires direct access in order to plant malware. Removable media, such as USB stealers, can also be used. Dr. Guri has now found yet another way to breach the security of an air-gapped system. SATAn relies on the use of a SATA connection, widely used in countless devices all over the globe, in order to infiltrate the targeted system and steal its data.

Through this technique, Dr. Guri was able to turn a SATA cable into a radio transmitter and send data to a personal laptop located less than 1 meter away. This can be done without making any physical modifications to the cable itself or the rest of the targeted hardware. Feel free to dive into the paper penned by Dr. Guri (first spotted by Tom’s Hardware) if you want to learn the ins and outs of this tech.

In short, SATAn extracts data from seemingly ultra-secure systems by manipulating the electromagnetic interference generated by the SATA bus, which lets data be transmitted elsewhere. The researcher used the SATA cable as a makeshift wireless antenna operating on the 6 GHz frequency band. In the video shown above, Dr. Guri was able to steal a message from the target computer and then display it on his laptop.

“The receiver monitors the 6GHz spectrum for a potential transmission, demodulates the data, decodes it, and sends it to the attacker,” said the researcher in his paper.

SATAn vulnerability shown in a photograph of an open PC case.
Dr. Mordechai Guri

The attack can only be carried out if the target device has malicious software installed on it beforehand. This, of course, takes the danger level down a notch, but not by much, seeing as USB devices can be used to deliver the malware. Without that, the attacker would need to obtain physical access to the system to implant the malware before attempting to steal data through SATAn.

Rounding out the paper, Dr. Guri detailed some ways in which this type of attack can be mitigated, such as the implementation of internal policies that strengthen defenses and prevent the initial penetration of the air-gapped system. Making radio receivers forbidden inside facilities where such top-secret data is stored seems like a sensible move right now. Adding electromagnetic shielding to the case of the machine, or even just to the SATA cable itself, is also recommended.

This attack is certainly scary, but we regular folk most likely don’t need to worry. Given the complexity of the attack, it’s only worthy of a high-stakes game with nationwide secrets being the target. On the other hand, for those facilities and their air-gapped systems, alarm bells should be ringing — it’s time to tighten up the security.

Monica J. White
Monica is a UK-based freelance writer and self-proclaimed geek. A firm believer in the "PC building is just like expensive…