HVACKer: Bridging the Air-Gap by Manipulating the

Y Mirsky, M Guri, Y Elovici

In this paper, we propose a new adversarial model that shows how an air gapped network can receive communications over a covert thermal channel. Concretely, we show how attackers may use a compromised air-conditioning system (connected to the internet) to send commands to infected hosts within an air-gapped network. Since thermal communication protocols are a rather unexplored domain, we propose a novel lineencoding and protocol suitable for this type of channel. Moreover, we provide experimental results to demonstrate the covert channel’s feasibility, and to calculate the channel’s bandwidth. Lastly, we offer a forensic analysis and propose various ways this channel can be detected and prevented. We believe that this study details a previously unseen vector of attack that security experts should be aware of.