How to leak data from an air-gapped PC – using, er, a humble scanner

Cybercriminals managed to infect a PC in the design department of Contoso Ltd through a cleverly crafted spear-phishing campaign. Now they need a way to communicate with the compromised machine in secret. Unfortunately, they know Contoso's impenetrable network defenses will detect commands sent to their malware. To avoid …


  1. Dave 32
    Coat

    Hmmm

    I may (or may not; you'll have to decide) have some knowledge of secure buildings/systems.

    Some installations do not allow outside repair personnel into restricted areas. Any failing equipment must be removed from the restricted area, which usually requires "sanitizing" the equipment. Any equipment reinstalled in the restricted area must be examined and approved for information leakage purposes. This gets around the issue of the "copier repair" person having access to the restricted area, or from removing the hard disk from the copier that contains copies of all of the images ever scanned (Look it up if you don't believe me!).

    As for the scanner, remember that most silicon photosensors are highly sensitive to infrared, well, unless a rather expensive infrared filter has been installed on them. So, just mount an infrared laser on the drone and have it sit 250 feet away from the building and pump out infrared all day (Or, mount the laser on a fixed item, such as another building, or a television/cell-phone tower, or...). Yeah, the window will absorb/reflect some of the infrared, but probably not too much for near infrared. How many high security installations regularly do an infrared scan of their buildings? (Darn. Just gave away a new job opportunity!).

    If y'all want to do some research in the library, go look up how early black epoxy encapsulated transistors were sensitive to infrared light, so much so that removing the cover from a piece of equipment, and holding a light over it would dramatically change the bias conditions on the circuits being examined. The problem, as it turned out, was that that "black" epoxy was only black for optical wavelengths of light; for infrared light, it was almost completely transparent. That's been fixed now. Mostly.

    That still leaves LEDs exposed, and LEDs can make great photosensors, at least if the circuit that they're wired into makes for reading from the port pin that the LED is connected to (And, when is the last time any of you examined the circuit connections for the machine you're using, with LEDs on it? Heck, when they're connected to an IC, can you even guess whether that pin on an IC is an output, an input, or some programmable combination of I/O?).

    Of course, rather than going to all of the trouble to fit a laser on a drone, it'd probably be easier to just drop a pr*n magazine outside the building, with the commands/data encoded steganographically in some of the images. (Darn! I'm giving away all of my good ideas today.).

    As for getting hired in as a janitor, the other option is to get hired in as a security guard. Not too long after the introduction of the PC, one of the security guards at the place I worked at was caught loading up the trunk of his car with the company's PCs. Whoopsie.

    Then, again, it's sometimes easier just to call the network administrator and tell them that you forgot your password. :-(

    Dave

    P.S. I'll get my coat. It's the one with the punched card deck in the pocket that's labeled "Top Secret".

  2. x 7

    Was this article translated from the original gibberish by Google Translate? An average eight year old kid could have written better structured prose. Trying to write a news story in the present tense is just wrong.

  3. Number6

    My cat is trained to sit on the scanner if it's left open when unattended. Normally it's closed to keep the glass clear of dust and cat fur.

  4. PNGuinn
    Trollface

    Now. If you're feeling REALLY evil ...

    Just get an IOT device into the "secure" area.

    Simples - everyone loves shiny.

  5. Bitbeisser

    Is it already April 1st in Blighty?
