Guest Post – Air-Fi – The New Wi-Fi Hacking Mehtod

The ubiquitous nature of Wi-Fi has certainly made our lives easier and more convenient in a lot of ways, it’s also undoubtedly made them more dangerous, too – particularly when it comes to our privacy.

Everyone knows that public Wi-Fi networks are inherently risky thanks to the wide array of (shockingly easy) ways that they can be hacked. Between man-in-the-middle attacks (where someone essentially gets in between your computer and the Internet to eavesdrop on your data) to  Wi-Fi snooping, the potential for malware distribution and beyond, one must be incredibly careful with what they do on a public Wi-Fi network and, more importantly, how they’re doing it.

But that’s just public Wi-Fi networks… right?

Unfortunately, ALL Wi-Fi is inherently vulnerable – as a sophisticated new hacking method has gone a long way towards proving. Referred to as AIR-FI by security researchers, it’s already been used to obtain data even from air-gapped computers, alarmingly without requiring the presence of Wi-Fi hardware at all on the targeted systems.

WHAT IS AIR-FI? EVERYTHING YOU NEED TO KNOW

To paint a picture of just how devastating this attack method is, one must first come to a better understanding of what an air-gapped computer actually is.

As the name suggests, an air-gapped computer is one that has absolutely no network interfaces – meaning either wired or wireless – that connects it to outside networks. If you want to move data from one air-gapped computer to another, you need to do so the old-fashioned way: using a thumb drive or some other physical means.

The reason why AIR-FI is so dangerous is because it leverages electromagnetic emissions in the 2.4 GHz Wi-Fi band to deploy specially designed malware on the target machine, thus compromising the system. But it can do this regardless of whether that machine is actually capable of connecting to the Wi-Fi network itself, as those air-gapped computers prove.

Air-gapped systems, for the record, are ones commonly used on government, military and even high level corporate networks to store data that is considered to be incredibly sensitive, like classified files or (in the case of businesses) valuable intellectual property.

AIR-FI works because any electronic component will generate electromagnetic waves as some type of electric current passes through it. Because Wi-Fi signals are radio waves, and radio waves and electromagnetic waves are very similar, this is what gives hackers their “in.” Attackers can use the AIR-FI technique to manipulate the electrical current inside the RAM card on an air-gapped computer, thus generating the type of electromagnetic waves that are consistent with the 2.4 GHz spectrum.

This signal can then be picked up with literally anything with a Wi-Fi antenna in close proximity to the air-gapped system, which could potentially leak data at speeds of up to 100 megabytes per second to a device that can be up to several meters away.

SO WHAT CAN YOU DO ABOUT AIR-FI?

In a research paper written by Mordechai Guri, the head of Research & Development at the Ben-Gurion University of the Negev in Israel (who also happens to be the one who “invented” the technique), he argued that there are thankfully ways to fend off this type of attack – but they do require a proactive approach to keeping data safe. One of them involves using signal jamming to prevent the transmission of ANY Wi-Fi signals that is within the physical area of an air-gapped system.

Others include Faraday shielding (which is a special type of container used to either block or outright limit the electromagnetic fields from interacting with the shielded system in any way), and the banning of Wi-Fi capable devices from the physical area that the air-gapped system is operating in. Runtime detection is also seen as a viable countermeasure, which would make sure that any process that abnormally performs a memory transfer is reported and inspected immediately.

Thankfully, it’s absolutely safe to say that AIR-FI is not the type of hacking technique that average, everyday users will need to worry about. Keep in mind, that this is because there are far easier ways to hack a normal user (like through social engineering) that don’t require a hacker to be physically close to their target. But any environment with data sensitive enough to warrant an air-gapped system could potentially become a target, which is why this is a development people will need to keep a close eye on moving forward.


Today’s guest post is by a friend and professional peer of mine, Tony Chiappetta, owner of CHIPS.

CHIPS is a Technology Success Provider located in Shoreview, MN near the intersection of Highway 96 and Lexington.  Since 2001, CHIPS has been working with businesses to help them get the most from their technology investment.

Tony has been around technology all his life and holds numerous industry certifications.  With the completion of both a Law Enforcement and a Business Management Degree, Tony brings a business perspective to the technology landscape.  This has allowed CHIPS to lead the industry by bringing enterprise solutions down to the Small Business sector.

CHIPS has received many industry awards and accredations however, Tony is most proud that his team has been asked to help secure the Critical Infrastructure of the Twin Cities by bringing to market a proven technology that was previously only available to Federal Government Agencies.  You can follow Tony on the CHIPS blog

0

About the Author:

I am a cybersecurity and IT instructor, cybersecurity analyst, pen-tester, trainer, and speaker. I am an owner of the WyzCo Group Inc. In addition to consulting on security products and services, I also conduct security audits, compliance audits, vulnerability assessments and penetration tests. I also teach Cybersecurity Awareness Training classes. I work as an information technology and cybersecurity instructor for several training and certification organizations. I have worked in corporate, military, government, and workforce development training environments I am a frequent speaker at professional conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference in 2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2006 at http://wyzguyscybersecurity.com

Add a Comment


This site uses Akismet to reduce spam. Learn how your comment data is processed.