Don't Look Up: Ubiquitous Data Exfiltration Pathways in Commercial Spaces
Reviewed by Pithpith:ZSWM3PTOopen to challenge →
read the original abstract
We show that as a side effect of building code requirements, almost all commercial buildings today are vulnerable to a novel data exfiltration attack, even if they are air-gapped and secured against traditional attacks. The new attack uses vibrations from an inconspicuous transmitter to send data across the building's physical infrastructure to a receiver. Our analysis and experiments with several large real-world buildings show a single-frequency bit rate of 300Kbps, which is sufficient to transmit ordinary files, real-time MP3-quality audio, or periodic high-quality still photos. The attacker can use multiple channels to transmit, for example, real-time MP4-quality video. We discuss the difficulty of detecting the attack and the viability of various potential countermeasures.
This paper has not been read by Pith yet.
discussion (0)
Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.