- Academic researchers found a way to send out sensitive data from airgapped systems
- It involves having malware installed on the computer and an accompanying smartwatch
- The attack is quite difficult to pull off
Security experts claim to have found a way to steal sensitive data from airgapped systems using smartwatches.
Airgapped computers are physically isolated from the wider internet and cannot be accessed externally. They are usually used in high -security and critical infrastructure environments to protect sensitive data and various operations.
University researchers led by Murdechai Guri, a specialist in hidden attack channels, discovered a method that allows threat players to wipe out login credentials, encryption keys or keyboard strokes.
Listens to secrets
The method they called ‘SmartTattack’ comes with a lot of warnings, but in theory it sees a threat actor finding a way to either access the target computer physically or have someone (an unsuspecting or unhappy employee) access and implement a piece of malware.
This malware first acts as an infoTealer and collects valuable information for exfiltration. Then it will use the computer’s speakers to emit ultrasound sounds, inaudible to the human ear, to the environment.
The sounds would be played in two frequencies – 18.5 kHz and 19.5 khz. These two form the binary system where the former is zero and the latter – one.
The last step is that the watch should pick up the sounds. It must also have a special app installed on it, so it must either be compromised in itself or it must be worn by the striker.
If that does not sound difficult enough, the watch should face the speakers and must be placed in an interval between 6-9 meters from the speakers. The data transfer rate also varies between 5bps and 50bps, depending on the distance.
There are different ways to prevent smartattacks on airgapped systems, from preventing people from wearing smartwatches, to removing speakers from computers. Sounds jammers could also work.
Via Bleeping computer
