Ramsay spy framework built to subvert air-gapped defenses

Air-gapped networks aren’t easily compromised, but they don’t offer perfectly air-tight security either. Leveraging insider threats, infecting flash drives and other removable media, and conducting side-channel attacks are all techniques malicious actors can employ to spread malware to isolated systems.


Indeed, researchers at ESET are reporting the discovery of a new cyber espionage framework designed with the intention of doing just that. They call it Ramsay, and they say it’s built to collect and exfiltrate documents while operating and propagating within air‑gapped networks.


In a company blog post, ESET malware researcher Ignacio Sanmillan says that so far there are few known victims of Ramsay, which suggests the toolkit is still being refined by its developers. Or, worse, the true victim count is understated simply due to poor visibility into the targeted organizations.


Either way, “The Ramsay malware proves that air-gapped networks are not completely immune to breaches,” said Mordechai Guri, head of research and development at Ben-Gurion University of the Negev’s Cyber-Security Research Center and chief scientific officer at Morphisec. Guri has extensive experience studying vulnerabilities i ..