- Academic researchers found a way to broadcast sensitive data from airgapped systems
- It involves having malware installed on the computer, and an accompanying smartwatch
- The attack is rather difficult to pull off
Security experts claim to have found a way to steal sensitive data from airgapped systems using smartwatches.
Airgapped computers are physically isolated from the wider internet, and cannot be accessed remotely. They are usually used in high-security environments and critical infrastructure, to protect sensitive data and various operations.
University researchers led by Mordechai Guri, a specialist in the field of covert attack channels, discovered a method that allows threat actors to exfiltrate login credentials, encryption keys, or keyboard strokes.
Listening to secrets
The method, which they named ‘SmartAttack’, does come with quite a few caveats, but in theory, it sees a threat actor finding a way to either access the target computer physically, or have someone (an unsuspecting, or disgruntled employee) access and deploy a piece of malware.
That malware will first act as an infostealer, gathering valuable information for exfiltration. Then, it will use the computer’s speakers to emit ultrasonic sounds, inaudible to the human ear, to the environment.
The sounds would be played in two frequencies – 18.5 kHz, and 19.5 kHz. These two form the binary system, with the former being the zero, and the latter – the one.
The final step is for the watch to pick the sounds up. It, too, needs to have a special app installed on it, so it either needs to be compromised itself, or it needs to be worn by the attacker.
If that didn’t sound difficult enough, the watch needs to be facing the speakers, and should be placed in a range between 6-9 meters from the speakers. The data transmission rate also ranges between 5bps and 50bps, depending on the distance.
There are different ways to prevent SmartAttacks on airgapped systems, from preventing people from wearing smartwatches, to removing speakers from the computers. Sound jammers could also work.
Via BleepingComputer
