科技回声

I feel like the first person in security who used the term 'nation-state' read it somewhere but didn't know what it meant and now it's meaningless.

The executive summary is worth the 1-minute read.Interesting that all the malicious frameworks known (by ESET) that target air-gapped networks were for some form of espionage.

>Over 75% of all the frameworks used malicious LNK or autorun files on USB drives to either perform the initial air-gapped system compromise or to move laterally within the air-gapped network.I don't get why autorun was created. It's an obvious security issue.

> All the frameworks were built to attack Windows systems.Well there you go. Perhaps using an OpenBSD USB bastion is the way to go.

They didn’t detail any espionage activity other than stealing files, even though their study included stuxnet which we know altered centrifuge control parameters.I wanted to know what types of facilities and platforms are being targeted.

TL;DR:<pre><code> - only targets windows - only uses USB drives </code></pre> The rest of the article dives into windows highly specific exploits and therefore lacks in generality.

I feel like the first person in security who used the term 'nation-state' read it somewhere but didn't know what it meant and now it's meaningless.

The executive summary is worth the 1-minute read.Interesting that all the malicious frameworks known (by ESET) that target air-gapped networks were for some form of espionage.

> All the frameworks were built to attack Windows systems.Well there you go. Perhaps using an OpenBSD USB bastion is the way to go.

TL;DR:<pre><code> - only targets windows - only uses USB drives </code></pre> The rest of the article dives into windows highly specific exploits and therefore lacks in generality.

Jumping the Air Gap: 15 Years of Nation-State Effort [pdf]

6 条评论

Jumping the Air Gap: 15 Years of Nation-State Effort [pdf]

6 条评论