Data Hacks Demonstrate IT Networks’ Need for Optical Protections

Information technology computer scientists at Karlsruhe Institute of Technology (KIT) have demonstrated how data can be transmitted to LEDs — contained in regular office devices such as a printer — using a directed laser. The demonstration shows the ability for data hackers to secretly communicate with “air-gapped” computer systems over distances of several meters.

According to the team, this shows that in addition to conventional information and communication technology security, critical IT systems must also be protected optically.

The collaborative work with researchers from KIT, TU Braunschweig, and TU Berlin was presented this month as the LaserShark attack at the 37th Annual Computer Security Applications Conference (ACSAC). The project focuses on hidden communication via optical channels.

Air-gapped computer or network systems are those that have neither wired nor wireless connection to the outside world.

Data hack demonstrations by a German research team showed that in addition to conventional information and communication technology security, critical IT systems must be protected optically, as well. The team used laser light to transfer information. The demonstration mimicked action that an adversary could take. Courtesy of Andrea Fabry, KIT.

Computer or networks in critical infrastructures are often physically isolated to prevent external access. Previous attempts to bypass such protection via electromagnetic, acoustic, or optical channels work at short distances or low data rates. Moreover, they frequently enable data exfiltration — or the receipt of data — only.

In its demonstration attack, the team showed that an adversary can use a directed laser beam to introduce data into air-gapped systems and retrieve data without additional hardware on the attacked device. “This hidden optical communication uses LEDs already built into office devices, for instance, to display status messages on printers or telephones,” said Christian Wressnegger, a professor and head of the Intelligent System Security Group of KASTEL — Institute of Information Security and Dependability at KIT.

Though they are not designed to do so, LEDs can receive light.

By directing laser light to already installed LEDs and recording responses, the researchers established a hidden communication channel over a distance of up to 82 ft that can be used bidirectionally. The channel reached data rates of 18.2 kbit/s inward and 100 kbit/s in the outward direction.

This type of optical attack is possible in commercially available office devices, the researchers said. They published the program code used in their experiments, as well as the raw data of their measurements on the LaserShark project website, to foster future research on covert communication channels and help bridge the air gap.

The research was published in the Proceeding of the 37th Annual Computer Security Applications Conference (ACSAC) (www.intellisec.de/pubs/2021-acsac.pdf).