Panel A: Physical Access: An old solution to a new cyber threat. Equipping soldiers with USB Rubber Duckies to collect intelligence from air gapped networks

Abstract

As the world moves further into a modern-day era, cyber offensive operations have seen a massive spike in warfare use. These massive spikes have led to an uptick of ransomware, denial of service, trojan horses, and brute force attacks. These attack vectors have forced sophisticated networks to move from outbound connections to air gapped networks. These networks only communicate within the facility and have no outbound connections. These facilities tend to be classified structures like nuclear reactors, SCIFs, or any other facility that needs to be heavily classified. However, these structures do have a weakness in their defense: physical access. Due to this weakness, the United States needs to shift their own operating procedures when dealing with air gapped locations. This new approach should equip soldiers with the necessary tools to collect intelligence off air gapped computers. These tools include Bash Bunny, Shark Jack, KeyCroc, USB Rubber Duckies, and even specially made devices. With a hint of the operating systems being used, from the United States’ intelligence community, the soldiers would have the proper tools to effectively and efferently acquire data from an air gapped computer or network. This research explains how using a USB Rubber Ducky and similar devices can be used to pull information from a computer, effectively replicating how an air gapped computer would operate when faced with a United States soldier. This new approach would further heighten the United States’ cyber capabilities while being detrimental to the opposing force, leading to information advantage over our adversaries.