Tag Archive for: air

New Air Gap-Jumping Attack Uses Ultrasonic Tones and Smartphone Gyroscope

/in


A researcher from the Ben-Gurion University of the Negev in Israel has shown how a threat actor could stealthily exfiltrate data from air-gapped computers using ultrasonic tones and smartphone gyroscopes.

The attack method, named GAIROSCOPE, assumes that the attacker has somehow managed to plant malware on the air-gapped computer from which they want to steal data, as well as on a smartphone that is likely to go near the isolated device.

According to researcher Mordechai Guri, the malware that is on the air-gapped computer can transmit ultrasonic tones using the device’s loudspeakers. These tones are inaudible and on a frequency that is picked up by a gyroscope.

Gairoscope attack setup

Gyroscope sensors in smartphones determine the direction of the device and they enable users to perform various actions by tilting the phone. This includes automatically rotating the screen and moving characters or objects in a game. Unlike the microphone, which is more difficult to access by a malicious application, a phone’s gyroscope can be accessed by iOS and Android malware that does not have as many permissions.

The malware that is on the isolated device collects valuable data such as passwords and encryption keys, and encodes it using audio frequency-shift keying, where one specified frequency represents a ‘0’ bit and a different frequency represents a ‘1’ bit. The malware uses the device’s speakers to transmit inaudible sounds at those frequencies.

On the phone side of the attack, the infected device’s gyroscope picks up those tones when it’s near the air-gapped computer. The method leverages previous research that showed how gyroscopes are vulnerable to acoustic attacks.

The hacker’s mobile malware continuously samples and processes the gyroscope sensor output. When it detects an exfiltration attempt — a specific bit sequence is used to signal the start of data transmission — it demodulates and decodes the data. The exfiltrated data can then be forwarded to the attacker using the phone’s internet connection.

Experiments conducted by Guri showed that the GAIROSCOPE method allows for a maximum data transmission rate of 8 bits/sec over a distance of up to 8 meters (26 feet).

This is not…

Source…

Air Defense and the Limits of Drone Technology

/in


Editor’s Note: Drones are often heralded as revolutionizing warfare, but recent experiences in Ukraine and elsewhere suggest that these systems have many vulnerabilities. Drawing on their longer research, Antonio Calcara, Andrea Gilli, Mauro Gilli, and Ivan Zaccagnini argue that drones are highly vulnerable to air defenses and that highly-trained humans are vital for drones to be their most effective.

Daniel Byman

***

After two decades of hype, the war in Ukraine is prompting a reevaluation of the utility of military drones. Ukrainian forces used Turkish Bayraktar TB2 drones to great effect in the early days of the conflict, and the United States has discussed selling Ukraine MQ-1C Gray Eagles. But as the war has progressed, these platforms have become less effective. According to a Ukrainian air force pilot interviewed by Foreign Policy magazine, Turkish TB2s “were very useful and important in the very first days [of the war], stopping those columns [of armored vehicles], but now that [the Russians have] built up good air defenses, they’re almost useless.” Another Ukrainian air force pilot echoed this sentiment, telling Breaking Defense, “[I]t’s very dangerous to use such expensive drones [like the Gray Eagle], in our case, because of [the] enemy’s air defense …. It’s not Afghanistan here.” Along the same lines, military analysts writing for The Drive note that U.S. defense planners have a similar assessment. “[T]he U.S. Army has reached many of the same conclusions about the [Gray Eagle]’s ability to survive even in environments with relatively limited threats,” they write. “The U.S. Air Force has been looking to move away from the MQ-9 Reaper, the Gray Eagle’s larger cousin, for the same reasons.”

These assessments contradict the dominant narrative that military drones are a war-winning weapons system. Early on during the Russian invasion of Ukraine, for instance, some observers cheered Turkish drones as a decisive weapon, so much so that there have been popular fundraising initiatives to purchase more TB2s for Ukraine. Similar narratives emerged during the 2020 Nagorno-Karabakh war between Armenia and Azerbaijan and during the battle for…

Source…

Air Force adds more jobs to initial enlistment bonus list > Air Force Recruiting Service > Features

/in



JOINT BASE SAN ANTONIO-RANDOLPH, Texas —  

The Air Force added more opportunities for future Airmen to receive bonuses upon entering active duty in fiscal 2022.


Seven maintenance-related skills, each with four or six-year contracts, were added to the FY22 Initial Enlistment Bonus program July 11, 2022. Bonuses will be offered through Sept. 30, 2022.


This brings the total number of Air Force Specialty bonuses to 22.


“Our Air Force value proposition is about far more than pay or compensation. It’s primarily about opportunity, and joining a community with an unmatched sense of purpose. But in a highly-competitive labor market enlistment incentives can help ensure we get the additional Airmen required to fill our ranks and serve the nation. Today, that job market is at record-high levels of competition and it’s a battle for talent,” said Maj. Gen. Ed Thomas, Air Force Recruiting Service commander.


Another incentive that may help recruiters fill short-notice gaps is a quick-ship bonus which began in April. Quick Ship is when an already fully-qualified applicant fills a short-notice Basic Military Training vacancy, and ships within five days or less.


More than 179 bonuses have been paid to new recruits who entered active duty within a few days of signing their contract. Any member who enters active duty with one of the quick-ship career fields may be eligible to receive an $8,000 bonus.


Special Warfare recruits are eligible for up to $50,000 upon entering active duty.


Certain cyber career fields have bonus pay amounts that are based on an applicant’s highest level of certification, giving the applicant an opportunity to receive up to $20,000.


Recruiting incentives give recruiters additional support and tools to use as they press through all the challenges associated with reaching the Air Force’s FY22 accessions goals. Those challenges include a low youth inclination to join, a national labor shortage and the aggregate effects of recruiting with reduced face to face contact since the outbreak of COVID-19 in 2020.


The following is the complete IEB list effective July 11, 2022:



AFSC AFSC Name 6-year Bonus 4-year Bonus

Source…

World: Space – Air Force Magazine

/in


SpOC leads missions “like space domain awareness, electromagnetic warfare, missile warning, operational-level command and control, defensive cyber capabilities, intelligence, surveillance, and reconnaissance, satellite communications, precision, navigation, and timing, orbital warfare,” he said. Adding more intelligence activities would contribute to the command’s priority of being “ISR-led and cyber secure.”  

Source…