Computer systems that are physically isolated from the outside world can also be exposed to attack. This is demonstrated by IT security experts at the Karlsruhe Institute of Technology (KIT) in the LaserShark project: With a directed laser, data can be transmitted to light-emitting diodes already installed in devices. In this way, attackers can secretly communicate with physically isolated systems over several meters. LaserShark shows that security-critical IT systems not only have to be well protected in terms of information and communication technology, but also optically.
Hackers attack computers with lasers - this could be a scene in a James Bond film, but it is also possible in reality. At the beginning of December 2021, scientists from KIT, TU Braunschweig and TU Berlin presented their research project LaserShark, which investigates hidden communication via optical channels, at the 37th Annual Computer Security Applications Conference (ACSAC). Computers or networks in security-critical areas, such as those found in energy suppliers, in medical technology or in traffic control systems, are often physically isolated to prevent external access. With this so-called air gapping, the systems have neither wired nor wireless connections to the outside world. Previous approaches to this protection via electromagnetic, Breaking acoustic or optical channels only works over short spatial distances or at low data transmission rates; often they only allow data to be extracted.
Hidden optical channel uses LEDs in standard office equipment
The method demonstrated by the research group Intelligent System Security at the KASTEL - Institute for Information Security and Reliability of the KIT together with researchers from the TU Braunschweig and the TU Berlin, on the other hand, can initiate dangerous attacks: With a directed laser beam, outsiders can smuggle data into and out of systems protected by air gapping channel them out without the need for additional hardware on site. "This hidden optical communication uses light-emitting diodes as they are already built into devices, for example to display status messages on printers or telephones," explains junior professor Christian Wressnegger, head of the Intelligent System Security research group at KASTEL. "These LEDs are actually not intended for receiving light,
Data transfer works in both directions
By directing laser light onto built-in LEDs and recording their reaction, they have for the first time set up a hidden optical communication channel that extends over distances of up to 25 meters, works bidirectionally - in both directions - and has high data transmission rates of 18.2 kilobits each Second inwards and 100 kilobits per second outwards. This possibility of attack affects commercially available office equipment such as those used in companies, universities and authorities. "Our LaserShark project shows how important it is to protect security-critical IT systems not only in terms of information and communication technology, but also optically," says Wressnegger.
In order to advance research on the topic and to further develop protection against hidden optical communication, the researchers provide the program code used in their experiments, the raw data from their measurements and the scripts on the LaserShark project page: https://intellisec.de/research/lasershark .
Niclas Kühnapfel, Stefan Preußler, Maximilian Noppel, Thomas Schneider, Konrad Rieck, and Christian Wressnegger: LaserShark: Establishing Fast, Bidirectional Communication into Air-Gapped Systems. Proceedings of the 37th Annual Computer Security Applications Conference (ACSAC). 2021. DOI: 10.1145 / 3485832.348591