Powerhammer attack

Air-gapped systems vulnerable to Powerhammer attack

Target: Air gapped systems

Attack Vector: PowerHammer malware

Summary: A new attack vector, called Powerhammer has been discovered by Ben-Gurion University researchers. The method allows the extraction of data from machines that are air-gapped through a combination of malware and hardware which monitors signals being transmitted through power lines.

The ability to obtain data from air-gapped machines is significant, with these machines physically separated from unsecured networks. These machines are on a secure network, often holding classified information. The existence of a way to obtain this information, without even compromising the security of the actual machine, rather just the medium it communicates on, is significant.

Risk assessment summary: The threat is assessed as 4a LOW. The fact that the targeted communications are coming from and to air-gapped systems means the potential impact of a successful compromise would be high. Air-gapped systems typically are used for military/governmental computer systems as well as those which are life-critical or significantly share price affecting. However, testing of this method has proved that unless the perfect conditions are set, the attack can have a far lower success rate. It must also be said that this malware is only an experiment and if ever deployed in the wild, such a tool would only ever be found in the arsenal of intelligence agencies and not something normal users would use on an everyday basis.

Leave a Reply

Your email address will not be published. Required fields are marked *