AerLock

Inspiration

Many cybersecurity programs aren't suited for the average user, with high costs, lack of consumer availability, and complicated UI. We developed AerLock as a solution that places the power to defend in the hands of the average person, allowing users to lock down their suite of connected devices from a single interference easily and efficiently.

Overview

AerLock provides a secure way to remotely airgap and restore functionality on multiple devices across different operating systems by disabling or enabling communication services like Wi-Fi, Bluetooth, Cellular Data, NFC, and physical ports. Integration with a MQTT broker enables AerLock to send lock or unlock commands from an Android app to an AWS cluster, triggering a responses from all machines with an installed and connected endpoint.

Use Cases

Active Defense Against Cyber Threats: AerLock with the press of a single button instantly airgaps all connected devices during a cyber-attack. This prevents malicious actors from exfiltrating data or escalating the attack further.

Secure Confidential Work: Activating AerLock ensures your device remains completely offline by disabling all network services. This prevents unauthorized access and protects sensitive or classified data from potential cyber threats.

Traveling in High-Risk Areas: AerLock prevents your device from connecting to Wi-Fi, Bluetooth, or cellular networks in high-risk locations. This eliminates the possibility for man-in-the-middle attacks and unauthorized access common in public networks.

Development Process

We developed AerLock as a cross-platform solution to remotely defend mobile devices, workstations, and servers from cyber attacks through a single handheld device. We built the Android app using Kotlin and Java integrated with HiveMQ’s MQTT cloud for communication. We also developed corresponding Windows and Linux endpoints that listen for MQTT messages and execute system commands based on the received triggers. The backend is powered by secure MQTT protocols, using TLS 1.2 for encrypted communication, ensuring the data transmitted between devices and the server remains secure.

Challenges Overcome

One of the main challenges was implementing consistent behavior and integration across different operating systems (Android, Windows, and Linux) while ensuring secure communication over MQTT. Additionally, dealing with system-level permissions to control communication and hardware features required platform-specific solutions. The complexities of recent security restrictions in mobile operating systems only increased the difficulty. We also encountered hurdles when trying to ensure reliable reconnection logic for MQTT clients during network interruptions.

Accomplishments

We are proud to have developed a fully deployed product integrated with a cloud-based MQTT broker. AerLock offers pre-configured endpoints available for download and easy configuration. It also features customizable endpoints allowing users to create and manage their own MQTT broker, offering customization for various deployment needs. This makes AerLock both user-friendly and adaptable for advanced configurations.

Vision for AerLock

Looking ahead, we plan to expand AerLock's capabilities with several future implementations. Firstly, we want to introduce iOS support, increasing accessibility across mobile platforms. Additionally, we are working on advanced threat detection, incorporating automated triggers to identify and neutralize risks in real-time. Finally, we plan to extend airgap functionality to IoT devices by developing custom endpoints for various connected devices, enhancing security across smart homes, industrial systems, and other IoT environments.