Researchers at the University of the Negev, Israel, have published a paper that demonstrates how a hacker could extract data from an otherwise secure system via its SATA cable. The attack uses the SATA cable itself as a form of wireless transmitter, and the data it carries can be intercepted as a form of radio signal in the 6GHz band. The attack is appropriately referred to as SATAn.
The researchers published a paper here (via Tom’s Hardware). They successfully demonstrated the technique and showed it in a video that’s included above. It has to be said that this kind of attack is complicated and requires specific malware to be installed on the target machine. It requires specialized shellcode to modify file system activity that generates identifiable radio signals from SATA cables.
The electromagnetic leakage of the cables can be intercepted by a wireless receiver and replicated on a second device. The researchers entered the word ‘secret’ on the target machine, which was picked up by a second machine. It’s just a simple demo but there’s no reason that targeted malware couldn’t be used to extract passwords or other sensitive text information.
It’s a complicated method as it would require access to the target computer. An air gapped system without any network access would require malware to be directly installed. There’s also the problem that the SATA signal emission is weak and requires the receiving antenna to be around 1 meter away. It’s not easy to just walk up to a secure system and say hi.
Best CPU for gaming: The top chips from Intel and AMD
Best gaming motherboard: The right boards
Best graphics card: Your perfect pixel-pusher awaits
Best SSD for gaming: Get into the game ahead of the rest
There are many countermeasures that could be used to prevent this from happening. Apart from the usual network security technologies and protocols that are in place in sensitive environments, a user could also… not use SATA drives. M.2 drives are becoming more and more prevalent and the use of such a drive would make this vulnerability irrelevant. Proper electromagnetic shielding would also prevent access.
Still, this kind of vulnerability could present headaches for organizations with highly sensitive data. The SATA standard is very widely used. The world’s nuclear codes will be safe but shorter data strings including things like banking passwords or cryptocurrency keys could be targeted.
What would this mean for gamers and home users? Essentially nothing. There are plenty of other ways for hackers to infiltrate home systems and if someone really wanted your information, it would be just as easy to steal the drive itself. That wouldn't be as high tech, but it is effective!
