Security Researcher Demonstrates Attackers Communicate via DNS to Attack Air-Gapped Networks

Pentera has releaseda new research report on how Uriel Gabay, Security Researcher at Pentera was able to bypass an air-gapped network to execute an attack. In order to protect an organization’s critical assets from Internet access, IT teams often create isolated or ‘air-gapped’ networks. 

These networks are largely considered inherently untouchable, but Pentera Labs Research was able to bridge the air-gap and access them with only a few lines of code. Air-gapped networks may not have direct access to the Internet, but they still often require DNS services in order to resolve a company’s internal DNS records. 

Uriel was able to exploit this reality to execute an attack over the DNS and showcase how hackers could relatively easily access offline information that organizations assumed was safe.

You can read the research here.

Leave a Reply