Data Leakage Resources
EXPLOITS & VULNERABILITY RESEARCH
Research into how to break data out of secure systems can inspire data leak protection systems that prevent the revealed vulnerabilities from being exploited. This is DLP with a "black-hat" mentality: finding ways to break data out in order to find the holes. Most of these exploits rely on malware initially compromising the target machine, unlike the Data Border proof-of-concept ex-filtration tools, which are based on a rogue insider with only normal, non-elevated access wishing to bypass DLP; they do, however, illustrate the kinds of techniques and channels used to ex-filtrate the data.
![Inaudible Sound as a Covert Channel in Mobile Devices](assets/resources/Exploit-Research/Inaudible Sound as a Covert Channel in Mobile Devices.png)
Explores the unconventional methods attackers will begin to use for ex-filtrating data as devices become more secure, focussing on vibrations and sound to send signals up to 100 feet away.
![DiskFiltration Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise](assets/resources/Exploit-Research/DiskFiltration Data Exfiltration from Speakerless Air-Gapped Computers via Covert Hard Drive Noise.png)
A covert channel to leak data from a computer by manipulating the movements of the hard drive's actuator to emit sounds without the presence of speakers or audio hardware.
![Covert Channels Using Mobile Devices Magnetic Field Sensors](assets/resources/Exploit-Research/Covert Channels Using Mobile Devices Magnetic Field Sensors.png)
Develops a covert channel using magnetic field changes induced by computer components in IO operations (movement of the hard drive magnetic head) and picked up by smartphone magnetic sensors.
![Platform-agnostic Low-intrusion Optical Data Exfiltration](assets/resources/Exploit-Research/Platform-agnostic Low-intrusion Optical Data Exfiltration.png)
Involves a modified USB storage device which ex-filtrated data covertly by blinking infra-red LEDs.
![Air-gap Limitations and Bypass Techniques - electromagnetic](assets/resources/Exploit-Research/Air-gap Limitations and Bypass Techniques - electromagnetic.png)
Data transfer over an air-gap by intentionally creating electromagnetic interference for use as a covert data channel, with an FM-receiving smart-phone as the untrusted system to which the data is ex-filtrated.
![Fansmitter Acoustic Data Exfiltration](assets/resources/Exploit-Research/Fansmitter Acoustic Data Exfiltration.png)
Use of a system fan to produce a signal from vibrations over which data can be transferred, even in systems which are air-gapped and from which the speakers have been removed to create an 'audio-gap'.
![VisiSploit An Optical Covert-Channel to Leak Data through an Air-Gap](assets/resources/Exploit-Research/VisiSploit An Optical Covert-Channel to Leak Data through an Air-Gap.png)
An Optical Covert-Channel to Leak Data through an Air-Gap via an LCD computer monitor using QR codes shown with low contrast or within fast flickering images to avoid detection with the human eye but still recover data by recording the screen with a camera.
![xLED Covert Data Exfiltration from Air-Gapped Networks via Router LEDs](assets/resources/Exploit-Research/xLED Covert Data Exfiltration from Air-Gapped Networks via Router LEDs.png)
An approach to covertly leak data (e.g., encryption keys, passwords and files) from highly secure or air-gapped networks via status LEDs in networking equipment like routers.
![IREXF Data Exfiltration from Air-gapped Networks by Infrared Remote Control Signals](assets/resources/Exploit-Research/IREXF Data Exfiltration from Air-gapped Networks by Infrared Remote Control Signals.png)
A novel infrared optical covert channel from a well-protected air-gapped network via a malicious infrared module implanted into a keyboard.
![Exfiltration of Data from Air-gapped Networks via Unmodulated LED Status Indicators](assets/resources/Exploit-Research/Exfiltration of Data from Air-gapped Networks via Unmodulated LED Status Indicators.png)
Data ex-filtration using system LEDs, with binary frequency shift keying (B-FSK) replacing on-off keying (OOK) to improve the imperceptibility of the covert communication.
![AirHopper Bridging the Air-Gap between Isolated Networks and Mobile Phones using Radio Frequencies](assets/resources/Exploit-Research/AirHopper Bridging the Air-Gap between Isolated Networks and Mobile Phones using Radio Frequencies.png)
AirHopper bridges the air-gap between an isolated network and nearby infected mobile phones using FM signals emitted from the graphics card.
![Air-Gap covert channels Carrara_Brent_2016_thesis](assets/resources/Exploit-Research/Air-Gap covert channels Carrara_Brent_2016_thesis.png)
Extensive discussion of out-of-band covert data leak channels (acoustic, light, seismic, magnetic, thermal, and radio-frequency), techniques, covertness and transfer rates.
![On Covert Acoustical Mesh Networks in Air](assets/resources/Exploit-Research/On Covert Acoustical Mesh Networks in Air.png)
Uses audio modulation/demodulation to exchange data between systems through air (originally designed for underwater) to circumvent system and network policies by establishing communications that have not been considered in the design of the computing system.
![Bridging the Air Gap Inaudible Data Exfiltration by Insiders](assets/resources/Exploit-Research/Bridging the Air Gap Inaudible Data Exfiltration by Insiders.png)
Presents a method that insiders can use to facilitate data ex-filtration from air-gapped systems without using any modified hardware, using inaudible sounds transmitted from the target machine’s speakers to transfer data to a nearby computer equipped with a microphone.
![GSMem Data Exfiltration from Air-Gapped Computers over GSM Frequencies](assets/resources/Exploit-Research/GSMem Data Exfiltration from Air-Gapped Computers over GSM Frequencies.png)
Malware that ex-filtrates data through an air-gap over cellular frequencies. Rogue software on an infected target computer modulates and transmits electromagnetic signals at cellular frequencies by invoking specific memory-related instructions and utilizing the multichannel memory architecture.
![Data Exfiltration and Covert Channels](assets/resources/Exploit-Research/Data Exfiltration and Covert Channels.png)
A discussion of data ex-filtration methods, their bandwidth, covertness and maliciousness.
![BitWhisper Covert Signalling Channel between Air-Gapped Computers using Thermal Manipulations](assets/resources/Exploit-Research/BitWhisper Covert Signalling Channel between Air-Gapped Computers using Thermal Manipulations.png)
A method of bridging the air-gap between adjacent compromised computers by using their heat emissions and built-in thermal sensors to create a covert bidirectional communication channel with no additional hardware.
![Through Glass XFER Screen Data Transfer](assets/resources/Exploit-Research/Through Glass XFER Screen Data Transfer.png)
A suite of tools that demonstrate the unauthorised infiltration and ex-filtration of code and data through secure networks: a way to download files through a screen (even via an ANSI terminal window) and a way to upload files through the keyboard interface.
![Leaking Data from Air-Gapped Computers via the Hard Drive LED](assets/resources/Exploit-Research/Leaking Data from Air-Gapped Computers via the Hard Drive LED.png)
Blinks the hard disk drive (HDD) activity LED, which exists in most of today’s desktop PCs, laptops and servers, to ex-filtrate data.
DATA LOSS COST, RISK AND IMPACT SURVEYS
Assessments of the size, scale and impact of data loss on organisations.
![Ponemon 2017 Cost Cyber Crime](assets/resources/Market-Surveys/Ponemon 2017 Cost Cyber Crime.png)
Analyses the costs and impacts of cyber crime on businesses as the number of successful breaches per company each year rises: information loss represents the largest cost component.
![Ponemon 2017 Cost Of Data Breach Study](assets/resources/Market-Surveys/Ponemon 2017 Cost Of Data Breach Study.png)
Examines the costs and impacts of data breaches on businesses: the average total cost is decreasing but breaches are getting larger. Analysis breaks down by root cause, industry & country and shows factors influencing the cost.
![Ponemon 2016 The Cybersecurity Risk to Knowledge Assets](assets/resources/Market-Surveys/Ponemon 2016 The Cybersecurity Risk to Knowledge Assets.png)
Conducted to determine whether the publicity accorded to data breaches subject to notification laws and related regulatory requirements has skewed the focus of organizations away from the theft or loss of their most critical information.
![Ponemon 2016 Data Theft Press Release](assets/resources/Market-Surveys/Ponemon 2016 Data Theft Press Release.png)
Highlights the key risks of data theft to organisations and asserts that they are unprepared to protect what matters most to them.
![HP Cyber Security And Your Business](assets/resources/Market-Surveys/HP Cyber Security And Your Business.png)
Examines common cyber security myths, the impact of cyber crime on businesses and the future of business cyber security.
DLP MARKET COVERAGE REVIEW
As with most technology sectors nowadays, there is good market coverage by the review panels of Forrester and Gartner. They give interesting insight into the state of the market, its trends and the factors by which to judge DLP solutions, as well as reviewing the offerings of the large enterprise providers.
![Gartner Magic Quadrant for Enterprise Data Loss Prevention 2017](assets/resources/DLP-Market-Coverage/Gartner Magic Quadrant for Enterprise Data Loss Prevention 2017.png)
Security and risk management leaders purchase on-premises enterprise DLP to solve for either organization-wide regulatory compliance or to better protect specific types of intellectual property, while monitoring emerging cloud DLP capabilities. Gartner defines the DLP market as those technologies that, as a core function, provide remediation for data loss based on both content inspection and contextual analysis of data.
![The Forrester Wave Data Loss Prevention Suites Q4 2016](assets/resources/DLP-Market-Coverage/The Forrester Wave Data Loss Prevention Suites Q4 2016.png)
Evaluates and scores the 7 most significant data loss prevention suite providers. Symantec, Digital Guardian, and Forcepoint lead the pack. IP protection, info management, and endpoint visibility and control are key differentiators.
![Forrester Market Overview Data Loss Prevention](assets/resources/DLP-Market-Coverage/Forrester Market Overview Data Loss Prevention.png)
Examines the factors driving renewed interest in DLP, the state of DLP suite adoption, and the pros and cons of different approaches of bringing DLP capabilities into the enterprise.
![Forrester Vendor Landscape Data Loss Prevention Solutions](assets/resources/DLP-Market-Coverage/Forrester Vendor Landscape Data Loss Prevention Solutions.png)
Highlights the different channels of data loss and examines the varied landscape of vendors offering DLP capabilities today as a feature, standalone solution, or suite.
![DLP Experts Data Loss Prevention Leading Vendor Review Q4 2016](assets/resources/DLP-Market-Coverage/DLP Experts Data Loss Prevention Leading Vendor Review Q4 2016.png)
Focuses on Data Loss Prevention technologies and the DLP marketplace at large. Provides an overview of select Data Loss Prevention (DLP) vendor technologies.