
How the CIA hacks computers that aren’t even connected to the internet


Air-gapped computers are supposed to be ultra-secure PCs that can’t be infected with malware that spreads with the help of the internet. That’s because these computers, often connected to sensitive machines, aren’t connected to the internet. You’d think these systems would be impenetrable by remote attacks and would require a hacker to be in the same room with the PC. But, unsurprisingly, the CIA developed tools that can infect air-gapped computers.

Wikileaks on Thursday published more than 150 pages of materials that explain how the CIA used USB drives to sneak malware onto air-gapped machines. After all, even these computers need to exchange data, and the only way to do it is using USB drives or external hard drives.

A platform called Brutal Kangaroo contains tools that can be used to target computer systems not connected to the internet, Ars Technica explains. Drifting Deadline is a tool installed on a computer of interest. When a USB drive is connected to it, the tool will infect it with malware that would then be passed to the air-gapped computer.

These advanced malware versions would be able to infect an air-gapped computer immediately after the USB drive is plugged in. Some of them required no user interaction and could be activated by default behaviors in Windows, such as Windows Explorer displaying icons, or the letter corresponding to the thumb drive that was just inserted.

Microsoft said it patched some of these vulnerabilities, and they don’t work on any of the supported versions of Windows.

The documentation says that the first infection — the deployment of Drifting Deadline — might need manual access to a computer, but Ars argues that intrepid hackers could find ways to deliver the malware to the computer that would be used to transmit it to a USB stick.

Chris Smith has been covering consumer electronics ever since the iPhone revolutionized the industry in 2008. When he’s not writing about the most recent tech news for BGR, he closely follows the events in Marvel’s Cinematic Universe and other blockbuster franchises. Outside of work, you’ll catch him streaming almost every new movie and TV show release as soon as it's available.