HydraulicBridge: Covert Signaling Channel between Air-Gapped Systems Using Hydraulic-Pressure Fluctuations

To protect critical computing systems from network attacks, modern enterprises typically employ physical isolation measures to disconnect them from open networks such as the Internet. However, attackers can still infiltrate these closed networks through internal employees or supply chain vulnerabilities. This presents the primary challenge that attackers face: how to effectively manage and manipulate infected devices that are isolated from the external network. In this paper, we propose a new covert communication technology called HydraulicBridge, which demonstrates how air gap networks can communicate through covert water pressure-fluctuation channels. Specifically, we demonstrate how water pressure from water pipes can be used to communicate with infected hosts within an air gap network. Additionally, we provide experimental results demonstrating the feasibility of covert channels and test the communication speed in the experimental environment. Finally, we offer a forensic analysis and propose various methods for detecting and blocking this channel. We believe that this study provides a comprehensive introduction to previously unseen attack vectors that security experts should be aware of.