Jumping the Air Gap - 15 Years of Nation-State Efforts

Explore the evolution of nation-state efforts to breach air-gapped networks over the past 15 years in this 25-minute conference talk from NorthSec 2022. Gain valuable insights into the techniques used by sophisticated actors to compromise highly sensitive systems, including industrial control systems, voting systems, and SCADA networks. Analyze 17 malicious frameworks designed to bypass air-gap security measures, identifying common patterns and attack vectors. Learn about execution methods, air-gap-crossing mechanisms, communication protocols, information stealing techniques, and lateral movement capabilities employed by these frameworks. Discover practical advice on prioritizing security resources and implementing effective countermeasures to protect isolated networks. Understand the importance of addressing real-world attack methods rather than focusing solely on theoretical bypass techniques. Whether responsible for air-gapped network security or interested in the history of these sophisticated attacks, acquire essential knowledge to enhance your ability to detect, mitigate, and prevent future breaches of critical infrastructure.

NSEC2022 - Alexis Dorais-Joncas - Jumping the air gap: 15 years of nation-state efforts