How NSA Can Spy on Air-Gapped Networks? Meet FIREWALK (youtu.be)

submitted 1 day ago* (last edited 1 day ago) by kugmo@sh.itjust.works to c/cybersecurity@sh.itjust.works

9 comments fedilink hide all child comments

Came out in 2008 and leaked in 2013, the glowies have been able to send out malicious packets from air-gapped networks for exuberant prices.

top 9 comments

sorted by: hot top controversial new old

[-] mindbleach@sh.itjust.works 3 points 22 hours ago

"How can NSA--?" is a question.

"How NSA can--" is a statement.

[-] Cyber@feddit.uk 2 points 1 day ago

Ah, there's other ways too... see the video with a drone watching HDD LEDs.

Needs malware to do the LED thing of course, oh, and deaf security that aren't concerned by a drone hovering outside a window every night, but apart from that, it's foolproof.

[-] index@sh.itjust.works 2 points 1 day ago

"Came out in 2008 and leaked in 2013"

17 years ago they had this...

[-] sun_is_ra@sh.itjust.works 2 points 1 day ago

Anyone watched the video willing to share how?

[-] higgsboson@dubvee.org 5 points 1 day ago

https://www.schneier.com/blog/archives/2014/03/firewalk_nsa_ex.html

FIREWALK is a bidirectional network implant, capable of passively collecting Gigabit Ethernet network traffic, and actively injecting Ethernet packets onto the same target network.

[-] sun_is_ra@sh.itjust.works 3 points 1 day ago

Thank you kind stranger.

I also found another website that has some images and bit more details if anyone interested

https://www.cryptomuseum.com/covert/bugs/nsaant/firewalk/index.htm

[-] kugmo@sh.itjust.works 4 points 1 day ago

Work for the NSA, seize package of a computer from person you want to spy on, install RJ45 port with hardware backdoor that also has RF emitter, gather the intercepted packets with RF receiver within distance.

[-] kmartburrito@lemmy.world 3 points 1 day ago

It's a combination of compromising the hardware gigabit connector on the motherboard, and embedding within that connector a hidden rf device that can exfiltrate data over a wireless signal, effectively jumping across that air gap in place.

It details how the NSA captured hardware shipments in transit and replaced them with the firewalk compromised hardware and then let the shipments proceed to their intended recipient.

It's an 11 minute video, and a decent watch.

[-] socsa@piefed.social 0 points 1 day ago

They put an SDR into Ethernet ports. This let them inject exploits and exfil data across air gaps using local agents or proxies who merely got close to the device.

this post was submitted on 02 May 2025

16 points (94.4% liked)

Cybersecurity

7116 readers

35 users here now

c/cybersecurity is a community centered on the cybersecurity and information security profession. You can come here to discuss news, post something interesting, or just chat with others.

THE RULES

Instance Rules

Be respectful. Everyone should feel welcome here.
No bigotry - including racism, sexism, ableism, homophobia, transphobia, or xenophobia.
No Ads / Spamming.
No pornography.

Community Rules

Idk, keep it semi-professional?
Nothing illegal. We're all ethical here.
Rules will be added/redefined as necessary.

If you ask someone to hack your "friends" socials you're just going to get banned so don't do that.

Learn about hacking

Hack the Box

Try Hack Me

Pico Capture the flag

Other security-related communities !databreaches@lemmy.zip !netsec@lemmy.world !securitynews@infosec.pub !cybersecurity@infosec.pub !pulse_of_truth@infosec.pub

Notable mention to !cybersecuritymemes@lemmy.world

founded 2 years ago

MODERATORS

kid@sh.itjust.works

Lanky_Pomegranate530@midwest.social