Header image: Slideplayer.com; https://slideplayer.com/slide/13253889/

Deterrence by Denial: Vulnerabilities of an air-gapped network

In theory, there’s no difference between theory and practice. In practice, there is.

 – Yogi Berra

1      Introduction

As cyber capabilities, and national willingness to use them, have evolved, cyberspace has remained unstable (Meakins, 2018). Cyberattacks have escalated manyfold with no mutually agreed norms in place. While Western states focus on a free and safe cyberspace, some states aim to control cyberspace within their own territory. Yet both groups engage in state-level cyberattacks to test or showcase capabilities, to carry out espionage for economic or intelligence reasons, and for reprisal. Non-state actors also engage in criminal activity for personal gain that can have economic repercussions at the state level. As in the nuclear and kinetic realms, policymakers are increasingly drawn to the idea of a deterrence framework to dissuade state and non-state attackers alike. Deterrence in cyberspace has been addressed by many researchers (Lupovici, 2011; Morgan, 2011; Sterner, 2011; Mandel, 2017; Brantly, 2018; Meakins, 2018; Wilner, 2019).

Deterrence is not a novel concept; it has been applied in many strategic domains in the past. Essentially, deterrence is the use of a threat to persuade an adversary to forgo a certain action. Deterrence theory evolved through three waves during the nuclear era (Jervis, 1979), and some scholars hold that a fourth wave of research followed the Cold War and continues today (Knopf, 2010; Lupovici, 2010). Modern deterrence theory in the cyber domain has three dimensions: denial, punishment, and entanglement. Wilner (2019) defines deterrence by denial as “reducing the perceived benefits an action is expected to provide a challenger”. Deterrence by denial raises the cost the adversary has to pay to obtain the intended benefit. Landmines, fortifications and wire fencing are examples of deterrence by denial on the battlefield. In the cyber realm, air-gapped network systems, data encryption, anti-malware and anti-virus products are varieties of deterrence by denial that raise the cost of a potential adversary’s cyberattack.

This paper draws on the literature on deterrence by denial in cyberspace to analyze the present state-of-the-art vulnerabilities of the most widely implemented form of this deterrence, i.e., the air-gapped network system. Past cyber incidents on air-gapped networks are analyzed, followed by the current cutting-edge techniques capable of bridging the air-gap for data exfiltration. Finally, the paper provides a cost-benefit discussion in light of the presented state of the art and assesses air-gapped networks as a credible deterrence posture in cyberspace.

2      Deterrence of Cyberattacks by Denial

In deterrence theory, denial is the defensive stage and punishment is the offensive stage. ‘If cyberattacks can be conducted with impunity, the attacker has little reason to stop’ (Libicki, 2009); hence deterrence by denial, overlapping with punishment, is the logical starting point of cyber deterrence theory. ‘Strong defense deters an attack by convincing an attacker that there will be no gains commensurate with the cost of attack’ (Philbin, 2013). For denial to effectively add to the cost, adversaries must be convinced that the benefit they would obtain through the cyberattack is less than the effort and resources needed to execute it. Deterrence by denial and punishment operate on the same spectrum and are interconnected. As seen in Figure 1, attribution is of little concern for deterrence by denial but is vital for punishment (Brantly, 2018). Denial techniques signal to all adversaries alike that the cost of penetration is high and the success rate is low. Some scholars hold that the denial mechanism is too weak to deter state actors (McKenzie, 2017; Bebber, 2018). However, the US Department of Defense is probed millions of times a day by various advanced persistent threats (APTs), some of them state-sponsored, and 99.99% of those attempts are unsuccessful (Howard & Cruz, 2017).


Figure 1: Timeline of Cyber Attacks and Defence, recreated from Brantly (2018)

There is a vital facet of today's geopolitical landscape that makes deterrence by denial more central than punishment in the cyber realm for many defenders. High-quality attribution is mandatory for punishment and is often time-consuming, difficult and costly. A state may have the cyber capability to deliver retributive punishment to the attacker, but a wrong attribution signals weakness and at the same time breeds an additional adversary to deal with. Furthermore, the punishment itself may cost the defender the disclosure of a zero-day capability. Hence state actors may not resort to deterrence by punishment unless the cost-benefit calculation favors it. The aftermath of the 2014 Sony Pictures attack highlights this: the attribution of the attack exposed the US presence in North Korean networks, and this exposure closed off that exploitation avenue for the US.

Deterrence by denial entails significant expenditure. It involves allocating financial capital from the project inception stage to purchase technical resources and to provide the human capital needed to update, enhance, audit and manage complex network infrastructure over the whole life cycle of the project (Riggs, 2004). Intrusion detection and prevention systems (IDPS), anti-virus products and similar technologies are further expenditures generally undertaken to make intrusion into a given network progressively more difficult.

To further understand the intricacies of the denial mechanism, one must understand the dimensions of a cyberattack. There are three main dimensions: network, supply chain and human intelligence (malicious or unintentional). A network attack is carried out via the internet while the target is online; the threat actors find a way into the target to install malware and achieve the intended benefit. High-fidelity IDPS, firewalls, anti-malware products and data encryption are the countermeasures against network attacks. Such services and products are expensive and mostly recurring. The obvious choice for comprehensive denial of network attacks is to disconnect the target from the network by creating an “air-gap”. Air-gapped systems are implemented for critical infrastructure in financial, research, military and government organizations, mostly at the state level, and involve a large one-time capital investment. Although air-gapped systems may at first glance appear to be the decisive solution to cyberattacks, a deeper analysis reveals their vulnerabilities. Both supply chain and human intelligence threats target air-gaps by first breaching and then bridging them. Supply chain threats are more sophisticated than network threats: the attackers use the supply chain of the target's electronic components, which are manufactured elsewhere. Human intelligence, in the form of agents or unsuspecting employees, is equally pertinent to threats against air-gapped networks. The following sections discuss past successful attacks on air-gapped systems and the state-of-the-art vulnerabilities.

3      Successful Attacks in the Past

3.1 Stuxnet

One of the first known air-gap attacks was the Stuxnet malware, discovered in 2010. It is a textbook example of the first true cyber weapon and of how attackers can leverage the supply chain and human intelligence to achieve their aims. The attack was intended to physically damage the uranium enrichment centrifuges at the Iranian Natanz facility. There were two attack routines: centrifuge overpressure and centrifuge rotor over-speed. In 2007, an unidentified person submitted a sample to the VirusTotal scanning service that was later identified as the first Stuxnet variant; this variant targeted the Cascade Protection System (CPS) that regulated the centrifuge cascades (Langner, 2013). Once on the engineering systems, the payload was delivered to the Siemens controllers and the attack code took over control completely. The code first recorded the legitimate operation of the controllers and later activated the attack sequence, which was complex and highly specific. Input/output values recorded during normal operation were replayed in a loop, presenting a normal picture to the human operators and to the software alarm routines, while the attack code was actually manipulating the valves (overpressure) and the rotor drive speed (over-speed) beyond their safe limits. With the faked values, operation continued without any alarm. The attackers did not intend a catastrophic event, so as to stay under the radar and avoid attribution during forensic analysis. The code regularly subjected the centrifuges to large amounts of stress, drastically shortening their life. As Langner (2013) puts it, the detailed pin-point manipulations of these sub-controllers indicate a deep physical and functional knowledge of the target environment; whoever provided the required intelligence may as well know the favorite pizza toppings of the local head of engineering.

The Stuxnet attack was highly specific to its industrial control system; however, the tactics and technology were generic and can be applied to any kind of target.

3.2 Project Sauron

In 2016 Kaspersky Lab and Symantec warned of a highly advanced, targeted cyber-espionage campaign that had been running since 2011. The malware could exfiltrate data from air-gapped networks using multiple techniques, including piggybacking on network protocols. More than 40 government, medical research, educational research, military, telecom and finance organizations in Russia, Iran, Rwanda, China, Sweden and Belgium were infected (Schwartz, 2016).

Once on a system, the malicious code posed as a password filter of the kind legitimately used by system administrators, but enabled its operators to copy passwords, encryption keys, configuration files, documents and much more. All operations were isolated from one another with striking attention to detail. The operators used different operational infrastructure and techniques for each target, in what appears to be a deliberate attempt to avoid leaving the same signatures in different locations (Buchanan, 2017). The code included a special module designed to move data from air-gapped networks to online systems. Removable USB devices were the vehicles for bridging the gap. Once an online system was compromised, the attackers waited for a USB drive to be attached to the infected machine. The drive was reformatted to shrink its partition, reserving hidden space at the end of the disk for data transfer. The reserved space was custom-encrypted and is not recognized by a common OS such as Windows. When the infected USB drive is plugged into the air-gapped network it delivers the payload and maps the network. In the next phase, the mapping information is transferred to the attackers once the drive is plugged back into any online system. Armed with the details of the air-gapped network, the attackers can then send covert command-and-control instructions back to the infected USB drive and wait for it to fetch the intended data (Kaspersky Lab, 2016a). Figure 2 illustrates the lifecycle of Project Sauron. Stuxnet and Project Sauron employed the same tactics but had different intended benefits: destruction and espionage respectively.


Figure 2: Lifecycle of Project Sauron (Trend Micro, 2017)

Technical details show how the attackers learned from other extremely advanced actors to avoid repeating their mistakes (Kaspersky Lab, 2016b). The malware was active for more than five years without being detected by the targets or by any cybersecurity analyst.
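The hidden-tail trick described above leaves a measurable trace: the partition table no longer accounts for the whole device. The following Python is an added example, not part of the original article or of any vendor tooling, showing the check a defender can run on a USB drive's MBR before it is allowed near an isolated network: parse the four partition entries, compare the last allocated sector with the device's sector count, and measure the entropy of whatever sits past the last partition, since a custom-encrypted reserved area reads as near-random data while ordinary alignment slack is zeros. The sample MBRs, the 8 GiB device size, the 64 MiB hidden area and the stand-in "encrypted" bytes are all constructed for the example.

```python
import math
import random
import struct

SECTOR = 512
MBR_SIZE = 512
PART_TABLE_OFFSET = 446
PART_ENTRY_SIZE = 16
# status, CHS start, type, CHS end, LBA of first sector, sector count (little-endian)
PART_ENTRY_FMT = "<B3sB3sII"


def parse_mbr(mbr):
    """Return the non-empty partition entries of a 512-byte MBR as dicts."""
    if len(mbr) < MBR_SIZE or mbr[510:512] != b"\x55\xaa":
        raise ValueError("not an MBR: 0x55AA boot signature missing")
    parts = []
    for i in range(4):
        off = PART_TABLE_OFFSET + i * PART_ENTRY_SIZE
        status, _chs0, ptype, _chs1, lba_start, count = struct.unpack_from(PART_ENTRY_FMT, mbr, off)
        if ptype == 0 or count == 0:          # empty slot
            continue
        parts.append({"slot": i, "type": ptype, "bootable": status == 0x80,
                      "lba_start": lba_start, "sectors": count,
                      "lba_end": lba_start + count - 1})
    return parts


def unallocated_tail(mbr, total_sectors, slack_sectors=2048):
    """Compare the last allocated LBA with the device size.

    A tail larger than `slack_sectors` (1 MiB by default, the usual alignment
    slack) is flagged; the ProjectSauron USB module reserved exactly such a region.
    """
    parts = parse_mbr(mbr)
    last_used = max((p["lba_end"] for p in parts), default=0)
    tail = total_sectors - 1 - last_used
    return {"partitions": parts, "tail_sectors": tail,
            "tail_bytes": tail * SECTOR, "suspicious": tail > slack_sectors}


def shannon_entropy(data):
    """Bits per byte: 0.0 for all-zero slack, close to 8.0 for encrypted data."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts if c)


def build_mbr(entries):
    """Construct a minimal MBR from (type, lba_start, sectors) tuples (example data only)."""
    mbr = bytearray(MBR_SIZE)
    for i, (ptype, lba_start, count) in enumerate(entries):
        struct.pack_into(PART_ENTRY_FMT, mbr, PART_TABLE_OFFSET + i * PART_ENTRY_SIZE,
                         0x00, b"\xfe\xff\xff", ptype, b"\xfe\xff\xff", lba_start, count)
    mbr[510:512] = b"\x55\xaa"
    return bytes(mbr)


# Constructed sample: an 8 GiB stick whose single FAT32 partition (type 0x0C) was
# shrunk to leave 64 MiB past its end, versus the same stick partitioned normally.
TOTAL_SECTORS = 8 * 1024 ** 3 // SECTOR
HIDDEN_SECTORS = 64 * 1024 ** 2 // SECTOR
TAMPERED_MBR = build_mbr([(0x0C, 2048, TOTAL_SECTORS - 2048 - HIDDEN_SECTORS)])
CLEAN_MBR = build_mbr([(0x0C, 2048, TOTAL_SECTORS - 2048)])

# Stand-in for the custom-encrypted reserved area: seeded pseudo-random bytes,
# constructed here because the real ciphertext is not on the page.
_rng = random.Random(7)
ENCRYPTED_SAMPLE = bytes(_rng.getrandbits(8) for _ in range(4096))
ZERO_SLACK = bytes(4096)

if __name__ == "__main__":
    for name, mbr in (("tampered", TAMPERED_MBR), ("clean", CLEAN_MBR)):
        r = unallocated_tail(mbr, TOTAL_SECTORS)
        print(f"{name}: {r['tail_bytes'] // 2**20} MiB past last partition, "
              f"suspicious={r['suspicious']}")
    print(f"entropy of zero slack: {shannon_entropy(ZERO_SLACK):.2f} bits/byte")
    print(f"entropy of encrypted tail: {shannon_entropy(ENCRYPTED_SAMPLE):.2f} bits/byte")
```

On Linux the two inputs come from `dd if=/dev/sdX bs=512 count=1` and `blockdev --getsz /dev/sdX`; the tail itself can then be read with `dd` starting at `lba_end + 1` and fed to `shannon_entropy`. A GPT-partitioned drive needs the equivalent comparison against the last-usable LBA in its header, and a few hundred kilobytes of zeroed slack is normal, which is why the check uses a threshold rather than demanding an exact fit.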

3.3 Fanny Worm

The Fanny worm was first reported in 2008; however, it was not until the discovery of Stuxnet that the two zero-day exploits shared by both were recognized. The worm was created by the APT known as the Equation Group and was distributed throughout the Middle East and Asia (Kaspersky Lab, 2015). The group has been active since 1996 and has carried out multiple Computer Network Exploitation (CNE) attacks at a sophisticated level. It has several zero-day exploits to its credit, the Fanny worm being just one of them and the one specific to air-gapped targets. Per Kaspersky Lab (2015), approximately 90% of Fanny worm victims were in Pakistan (60%), Indonesia (16%) and Vietnam (14%). The tactics of the Fanny worm were the same as illustrated in Figure 2.

In the recent past, further cyberattacks implementing the same tactics for breaching and bridging the air-gap have been reported: “Agent.BTZ”, “SymonLoader”, “Rain Maker”, “Brutal Kangaroo” and “CottonMouth”; details are available in the literature (Michener, 2018).

3.4 BadBIOS

BadBIOS was allegedly the first isolated cyber incident in which the bridging technique for exfiltrating information from an air-gapped system shifted. In 2013, security consultant Dragos Ruiu reported a malware, which he named BadBIOS and believed had been present in his lab since 2010, that infected the BIOS of a system, making it highly persistent and impossible to remove by any normal means. This alone did not surprise security analysts, who regarded it as sophisticated yet possible. The mystery grew when Ruiu reported that an air-gapped system in his lab was also infected without the use of any USB or other external media. He later claimed that the malware could jump air-gaps using high-frequency audio passed between computer speakers and microphones. At the time, few believed such a technique could exist (Ducklin, 2013); the following sections discuss it.

4      State-of-the-Art Vulnerabilities

Exfiltration of data from air-gapped systems is a slow, time-dependent process. As illustrated in Figure 2, the prevalent tactics require repeated use of the infected USB drive on both network-connected and air-gapped systems to complete the attack. Each such round trip raises the probability that the malicious code is detected and removed, unless the gap can be bridged by other means. Although no cyber incidents have been reported so far in which such techniques were used, security researchers have preemptively developed them, and various covert channels with proof-of-concept implementations enabling exfiltration from air-gapped networks have been proposed (Pompon, 2019).

4.1 Acoustic Signal Modulation

Hanspach and Goetz (2013) presented a covert acoustical mesh network in air, built from ordinary business laptops, targeting air-gapped networks. The authors demonstrated covert communication over acoustic emanations, using the laptops' speakers and microphones as transmitters and receivers. These devices fall outside the scope of conventional network security controls, so the communication is stealthy. Data is modulated onto the acoustic emanations in the inaudible range, i.e., the ultrasonic and near-ultrasonic frequencies. Not only was communication between two computers demonstrated, but multi-hop capability was also established. The approach transmitted messages at approximately 20 bit/s over a range of up to 19.7 m between two nodes.

4.2 Electromagnetic Signal Modulation

A computer emanates electromagnetic (EM) signals from various components, such as the monitor and the hard disk. Guri et al. (2014) presented the ‘AirHopper’ malware, which modulates the EM emissions of the video display unit to produce radio signals. These signals can be received by an infected mobile phone with an FM radio receiver. A proof-of-concept was presented for exfiltrating textual and binary data from a physically air-gapped system to a mobile phone at a distance of 1-7 m with an effective bandwidth of 13-60 bytes/s.

4.3 Thermal Manipulations

This technique is slow but is expected to be hard to detect. Guri et al. (2015) presented ‘BitWhisper’, a method to bridge the air-gap between adjacent computers using their heat emissions and built-in thermal sensors. The channel is bidirectional and requires no additional hardware. It transferred data at 1-8 bits per hour, which is only sufficient for small items such as passwords.

4.4 Hard-Drive and Fan Acoustic

To expose the vulnerability of speakerless air-gapped systems, Guri et al. (2017) presented the ‘DiskFiltration’ and ‘Fansmitter’ malware. These demonstrate the use of acoustic emanations from the hard drive and from the system's fans to exfiltrate data from an infected air-gapped system. Binary information was modulated onto the acoustic signals and picked up by a nearby infected system that was connected online. The transfer rate was 180 bits/min at a distance of 2 m for DiskFiltration and 900 bits/hour at 8 m for Fansmitter.
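Sections 4.1 and 4.4 rely on the same primitive: binary data is keyed onto a narrowband acoustic carrier and recovered by a receiver that measures energy at the carrier frequencies. The following Python simulation is an added example (not code from Hanspach and Goetz or from Guri et al.) showing both sides: a binary frequency-shift-keyed modulator that maps each bit to one of two near-ultrasonic tones, a Goertzel-filter demodulator that decides each bit by comparing energy at the two tones, and the corresponding defender-side check, a frame-by-frame monitor that flags narrowband energy in the 17-20 kHz band where a workstation has no legitimate reason to emit. The sample rate, tone frequencies, symbol length, noise level and the test message are assumptions chosen so the example runs in pure Python; the real channels operate at the far lower rates quoted above.

```python
import math
import random

FS = 48_000          # sample rate in Hz (assumed)
SYMBOL_LEN = 480     # samples per bit: 10 ms -> 100 bit/s, and 100 Hz Goertzel bins
F_ZERO = 18_000      # tone for a 0 bit (Hz), near-ultrasonic
F_ONE = 19_000       # tone for a 1 bit (Hz)
AMPLITUDE = 0.5


def goertzel_power(frame, freq, fs=FS):
    """|X(freq)|^2 of `frame` via the Goertzel recurrence (one bin, no FFT)."""
    omega = 2.0 * math.pi * freq / fs
    coeff = 2.0 * math.cos(omega)
    s1 = s2 = 0.0
    for x in frame:
        s0 = x + coeff * s1 - s2
        s2, s1 = s1, s0
    return s1 * s1 + s2 * s2 - coeff * s1 * s2


def tone(freq, n_samples, amplitude=1.0, fs=FS):
    """Pure sinusoid, used for the constructed audible reference signal."""
    return [amplitude * math.sin(2 * math.pi * freq * n / fs) for n in range(n_samples)]


def text_to_bits(text):
    return [(b >> i) & 1 for b in text.encode() for i in range(7, -1, -1)]


def bits_to_text(bits):
    out = bytearray()
    for i in range(0, len(bits) - len(bits) % 8, 8):
        out.append(int("".join(str(b) for b in bits[i:i + 8]), 2))
    return out.decode(errors="replace")


def modulate(bits, noise_sigma=0.05, seed=1):
    """Attacker side: BFSK, one tone per bit, plus seeded Gaussian 'room' noise."""
    rng = random.Random(seed)
    samples = []
    for n, bit in enumerate(bits):
        f = F_ONE if bit else F_ZERO
        for i in range(SYMBOL_LEN):
            t = (n * SYMBOL_LEN + i) / FS          # absolute time keeps phase continuous
            samples.append(AMPLITUDE * math.sin(2 * math.pi * f * t) + rng.gauss(0, noise_sigma))
    return samples


def demodulate(samples):
    """Receiver side: per symbol, whichever tone carries more energy wins.

    Assumes symbol alignment; a real channel adds a preamble for synchronisation.
    """
    bits = []
    for start in range(0, len(samples) - SYMBOL_LEN + 1, SYMBOL_LEN):
        frame = samples[start:start + SYMBOL_LEN]
        bits.append(1 if goertzel_power(frame, F_ONE) > goertzel_power(frame, F_ZERO) else 0)
    return bits


def detect_ultrasonic_activity(samples, lo=17_000, hi=20_000, step=100, threshold=1000.0):
    """Defender side: flag any 10 ms frame with narrowband energy in the near-ultrasonic band.

    With SYMBOL_LEN samples at FS the bins are 100 Hz apart, so a pure tone at a bin
    centre contributes (A*N/2)^2 = 14400 here while the noise floor sits near N*sigma^2.
    """
    freqs = range(lo, hi + 1, step)
    for start in range(0, len(samples) - SYMBOL_LEN + 1, SYMBOL_LEN):
        frame = samples[start:start + SYMBOL_LEN]
        if max(goertzel_power(frame, f) for f in freqs) > threshold:
            return True
    return False


# Constructed signals: a covert transmission and an innocent 1 kHz audible tone.
MESSAGE = "air-gap"
COVERT_SIGNAL = modulate(text_to_bits(MESSAGE))
AUDIBLE_TONE = tone(1000, SYMBOL_LEN * 8, amplitude=0.5)

if __name__ == "__main__":
    print("recovered:", bits_to_text(demodulate(COVERT_SIGNAL)))
    print("covert signal flagged:", detect_ultrasonic_activity(COVERT_SIGNAL))
    print("audible tone flagged:", detect_ultrasonic_activity(AUDIBLE_TONE))
```

The same Goertzel bins can be run over a microphone feed from a room monitor to catch the channel in 4.1, and over a contact microphone or the host's own input to catch the hard-drive and fan variants in 4.4, whose carriers sit lower in the spectrum and need correspondingly different `lo`/`hi` limits. The cheaper control, and the one the cited papers themselves recommend, is to remove or disable speakers and microphones on isolated hosts and to treat fan and disk noise as an emanation to be dampened or replaced.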

For denial to be effective, the above vulnerabilities must be defended against, which adds to the defender's cost. Some of the bidirectional techniques that currently have limited range may in future be developed to breach air-gapped systems that today require supply chain or human intelligence access. As of now, the above techniques are only bridging threats, applicable once the air-gapped system has already been breached; supply chain and human intelligence remain the prime breaching threats.

5      Cost-Benefit of Deterrence by Denial using Air-Gapped Network

Air-gapping effectively deters a certain class of attackers by raising the effort and time required for a breach. With the changing threat landscape, the capital expenditure of air-gapping has increased phenomenally, but it may still be justified given the asset in question. Deterrence can be further improved by deliberately signalling to the adversary, both through the visible capital expenditure on defensive measures and by publishing research on preemptive threats like those presented above.

Air-gapping may no longer be beneficial to commercial businesses that rely heavily on valuable process data and need regular maintenance, repairs and updates. Only sensitive targets meeting the following criteria merit air-gapping (3T Solutions, 2018):

·        The benefits of sharing process data between the air-gapped system and IT systems are outweighed by the risks of cyberattacks.

·        The air-gapped system is truly isolated, with no connections to remote users, Bluetooth or internal networks; is defended against audio/EM/IR covert channels; and is audited regularly for unauthorized connections.

·        Physical access to the system is tightly controlled.

·        All software and hardware are thoroughly tested before being installed on the air-gapped system.

When properly implemented, air-gapping minimizes the risk of a cyberattack, but at heavy expense. Although denial using air-gapping offers more potential than punishment, it is not a silver bullet for the cyber deterrence problem on its own.

6      References

3T Solutions. (2018). Why Air-Gapping Is Not a Long-Term Cybersecurity Solution.

Bebber, R. J. (2018). There is No Such Thing as Cyber Deterrence. Please Stop. Retrieved from https://www.thecipherbrief.com/column_article/no-thing-cyber-deterrence-please-stop

Brantly, A. F. (2018). The Cyber Deterrence Problem. Paper presented at the 10th International Conference on Cyber Conflict, Tallinn, Estonia.

Buchanan, B. (2017). The Legend of Sophistication in Cyber Operations. The Cyber Security Project, Harvard Kennedy School. Retrieved from https://warwick.ac.uk/fac/soc/pais/people/aldrich/vigilant/legend_sophistication_-_web.pdf.

Ducklin, P. (2013). The "BadBIOS" Virus That Jumps Airgaps and Takes Over Your Firmware - What's the Story? Naked Security (Sophos).

Guri, M., Kedma, G., Kachlon, A., & Elovici, Y. (2014). AirHopper: Bridging the air-gap between isolated networks and mobile phones using radio frequencies. Paper presented at the International Conference on Malicious and Unwanted Software: The Americas (MALWARE), Fajardo, PR, USA.

Guri, M., Monitz, M., Mirski, Y., & Elovici, Y. (2015). BitWhisper: Covert Signalling Channel Between Air-Gapped Computers using Thermal Manipulations. 28th Computer Security Foundations Symposium.

Guri, M., Solewicz, Y., Daidakulov, A., & Elovici, Y. (2017). Acoustic Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard-Drive Noise('DiskFiltration'). Paper presented at the European Symposium on Research in Computer Security, Luxembourg.

Hanspach, M., & Goetz, M. (2013). On Covert Acoustical Mesh Networks In Air. Journal of Communications, 8, 758-767.

Howard, T., & Cruz, J. d. A. d. (2017). The Cyber Vulnerabilities of the US Navy. Retrieved from https://maritime-executive.com/article/the-cyber-vulnerability-ofthe-us-navy

Jervis, R. (1979). Deterrence Theory Revisited. World Politics, 31(2), 289-324.

Kaspersky Lab. (2015). Equation Group: Questions and Answers. Retrieved from https://wikileaks.org/ciav7p1/cms/files/Equation_group_questions_and_answers.pdf

Kaspersky Lab. (2016a). The ProjectSauron APT. Retrieved from https://media.kasperspersky.com

Kaspersky Lab. (2016b). ProjectSauron: Top Level Cyber-Espionage Platform Covertly Extracts Encrypted Government Comms. Retrieved from https://securelist.com/faq-the-projectsauron-apt/75533/

Knopf, J. (2010). The Fourth Wave in Deterrence Research. Contemporary Security Policy, 31(1), 1-33.

Langner, R. (2013). To Kill a Centrifuge: A Technical Analysis of What Stuxnet's Creators Tried to Achieve. The Langner Group.

Libicki, M. C. (2009). Cyber Deterrence and Cyberwar. Santa Monica, CA: RAND Corporation.

Lupovici, A. (2011). Cyber War and Deterrence: Trends and Challenges in Research. Military and Strategic Affairs, 3(3).

Lupovici, A. (2010). The Emerging Fourth Wave of Deterrence Theory - Toward a New Research Agenda. International Studies Quarterly, 54, 705-732.

Mandel, R. (2017). Optimizing Cyberdeterrence: A comprehensive Strategy for Preventing Foreign Cyberattacks. Washington, DC: Georgetown University Press.

McKenzie, T. M. (2017). Is Cyber Deterrence Possible? Perspectives on Cyber Power, Air University Press, CPP-4.

Meakins, J. (2018). Living in (Digital) Denial: Russia’s Approach to Cyber Deterrence. Retrieved from

Michener, J. (2018). Beating the Air-Gap: How Attackers Can Gain Access to Supposedly Isolated Systems.

Morgan, P. M. (2011). Applicability of Traditional Deterrence Concepts and Theory to the Cyber Realm. Paper presented at the Deterring Cyber Attacks: Informing Strategies and Developing Options for U.S. Policy, USA.

Philbin, M. J. (2013). Cyber Deterrence: An Old Concept in a New Domain. (Master of Strategic Studies), United States Army War College, USA.

Pompon, R. (2019). Attacking Air-Gap-Segregated Computers.

Riggs, C. (2004). Network Perimeter Security. New York: Auerbach Publications.

Schwartz, M. J. (2016). Espionage Malware Penetrates Air-Gapped Networks. Retrieved from https://www.bankinfosecurity.com/espionage-malware-penetrates-air-gapped-networks-a-9331

Sterner, E. (2011). Retaliatory Deterrence in Cyberspace. Strategic Studies Quarterly, 62-80.

Trend Micro. (2017). A Look at the Threats to Air-Gapped Systems. Retrieved from https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/a-look-at-the-threats-to-air-gapped-systems

Wilner, A. S. (2019). US cyber deterrence: Practice guiding theory. Journal of Strategic Studies, 1-36. doi:10.1080/01402390.2018.1563779



More articles by Alok Dua, Ph.D., P.Eng.