SATA cable can serve as a transmitter of transmitted data

SATA cable can serve as a transmitter of transmitted data

From Andrew Link ,
A SATA cable can serve as a transmitter of transmitted data. This is shown by Israeli researchers who demonstrate the hack in the laboratory. In practice, this method is complicated to implement, but it can be useful for whistleblowers who have access to the system.

Researchers from the University of the Negev in Israel have published a paper describing how hackers can use the SATA protocol to gain access to transmitted data. For this purpose, the SATA cable itself is used as the transmitter, which then transmits data in the 6 GHz band. The attack is difficult to implement and is especially interesting if there is no other way to access a well-protected system and you want to access the data permanently. Physical presence is necessary when a computer or server is under attack.

First, malware must be injected into the system, which turns the SATA cable into a transmitter of the radio signal. The malware does this and turns the data stream into an electromagnetic radio signal that can be picked up by a receiver, to which the cable acts as an antenna. Electromagnetic information has a limited range, so physical presence within a certain radius of the system is essential. One can imagine that whistleblowers having access to the system can access the data.

See also  Berlin crypto company Nouri is bankrupt: around 500,000 customers are affected. Pennies

Israelis point out that this method can be used in purely laboratory testing. In practice, various factors surrounding the listening device will make access difficult. The hacker has to insert malware into the system and place the receiver within a radius of 1 meter. Countermeasures are also available. The most obvious way is to not use SATA and SAS drives. This may not be practical in some scenarios, which is why secure data encryption is a valid option. In the case of critical information systems, electromagnetic shielding would also be an (additional) measure to prevent tapping.

Source: Advanced Cyber ​​Security Research Laboratory ,PDF,


Please enter your comment!
Please enter your name here