Trying to break the “unbreakable”

If you say something is “unhackable,” you just might get a few takers — researchers who want to see if they can hack through.

Here, an industrial security researcher takes on a security device called a data diode.

Watch here:

What’s a Data Diode?

A data diode is a little light that sends signals — in one direction only — to a receiver.

You might think of it like a flashlight.

Your eye may be able to see the light from far away.

But you can’t take over my flashlight and turn it on or off.

Only I can control it.

My flashlight can only send, not receive.

So, people use data diodes to protect really important things, like nuclear power plants and national
secrets.

Some advertising describes some data diode products as “unhackable” and “enforced by physics.”

 

Model of a data diode used for industrial security
A model of a data diode by FoxGuard Solutions researcher Monta Elkins. Image: Archer News

A Challenge

Researcher Monta Elkins of FoxGuard Solutions — of Star Wars drill hack fame — decided to try.

“It’s the unhackable device. It’s the impossible one, right?” he said to Archer News. “So, yeah, you have to give it a try. You have to crack the impossible device.”

He created a data diode of his own —also called a unidirectional gateway — in a miniature-sized nuclear power plant model.

The computer inside his plant connects to the data diode, then the data diode connects to another computer outside the plant.

In theory, the plant can use the one-way gate to send out info about how much energy the plant is producing, but no one can send anything back in, like a nasty command to shut off the cooling fans and cause a nuclear accident.

“They might do something bad,” Elkins said. “Leave it to your imagination. Plants, Industrial control plants. Water. Power. Nuclear power plants. You don’t want to shut them down. You don’t them to overheat, you don’t want these things to happen.”

 

nuclear plant model with data diode for industrial security

Researcher Monta Elkins’ portable model nuclear power plant with data diode. Image: Archer News

One Way Only

You may hear that data diodes are like a one-way street.

A one-way sewer valve.

A revolving security gate that lets you out, but not in.

“People can walk through this in one direction,” Elkins said, using the revolving gate as an example in a presentation
to an audience in Stockholm, Sweden. “But to go the other way, you need a Star Trek transporter.”

Elkins may have found his transporter.

 

A revolving security gate demonstrates how a data diode works

Elkins compares a data diode to a revolving security gate that allows you to travel in one direction only. Image: PublicDomainPictures

How It Works

Here’s how the attack plays out, according to Elkins:

  • He puts malware onto the computers in the data diode.

  • His malware turns the data diode computers into tiny radios that can transmit & receive signals — in both directions.

  • The radio signals bypass the one-way data diode connection.

  • Attackers outside the plant can use that two-way radio connection to control the model plant & shut down the cooling system.

“We’re shutting off the cooling in the plant which basically means it may overheat and melt down,” he said“That’s bad.”

 

a model of a nuclear plant cooling fan

Elkins’ model nuclear reactor cooling fan, shut down by “attackers” who bypassed the plant’s data diode. Image: Archer News

Should You Still Use Them?

Elkins’ data diode is a custom version, not an exact copy of the ones in real nuclear plants.

But he says cyber invaders may try to use this kind of attack to spy or do damage.

“Do you think someone is actually doing this attack right now, somewhere?” Archer News asked Elkins.

“You know very possibly,” he answered. “If I’m running an intelligence agency, there’s a bunch of people like me sitting in rooms working on this technology for when it’s necessary. Probably in preparation. You don’t want to start these attacks right now, necessarily. People aren’t ready to start a war, but people always prepare for war.”

Even for Industrial Security?

Does he think people should still use data diodes for industrial security?

Yes.

“I’m not saying, ‘Don’t use those devices.’ None of the security devices that we use are perfect,” said Elkins.

“Data diodes in a properly organized network can be very useful,” he added. “This is saying, ‘Consider that they may not be perfect.’”

 

industrial security researcher Monta Elkins describes his research

Security researcher Monta Elkins describes his attack on data diode technology in Anaheim, California. Image: Archer News

Vulnerable?

Archer News asked some companies selling data diode industrial security products for their thoughts.

Owl Cyber Defense says their data diode device is more complex and not vulnerable to this kind of attack.

Waterfall Security Solutions says their unidirectional gateway device is also more complex and not vulnerable.

Advenica says they have taken this kind of attack into account when designing their data diode product — and
you should, too, if you use data diodes on your systems.

The Department of Homeland Security says data diodes can help industrial systems stay safe.

“If you recognize the potential for the attack, you can mitigate it,” Elkins said. “You still need to ‘do security’ inside your plant, regardless of any air gap or data diode.”