- Smartwatches may soon be the latest tool for violating even the most secure computer
- Ultrasonic signals are invisible to us but can transport secrets out of air -caught machines
- Smartattack depends on rare relationship but its option turns out no system ever is for sure
A new research document proposes an unusual method of data filtering from air -gifted systems using Smartwatches.
The concept created by Ben-Gurion University scientists sounds like something out of a spy thriller, but the details reveal how technically complex and narrowly possible such an attack would be.
The method, called “Smartattack”, depends on utilizing the microphone of a compromised smartwatch to receive ultrasound signals from an infected air gifted computer.
The role of malware and portable tech
These ultrasonic transfers work between 18 and 22 kHz, just above the range of human hearing, and can carry data such as keystroke or biometric information at up to 50 bites per second over distances of at least six meters.
For any part of the attack at work, more difficult steps must already be achieved.
First, malware must be implanted on the air -caught system, which in itself is a challenge. As the authors point out, such malware may come through “supply chain attacks, insider threats or infected removable media.”
Once installed, malware is calmly sensing sensitive data and encoding them in ultrasound audio signals. However, the transmission of these signals is only half of the equation.
At the receiving end, a smartwatch, also infected with malware, must be within the correct interval and orientation to retrieve the ultrasound transfers.
Paper writer Mordechai Guri, Ph.D. Described smartwatches as “an underexplorated, yet effective attack vector”, noting that the devices are also subject to unpredictable movement because they are worn on the wrist, reducing the reliability of reception.
Smartwatch will then use its connection features, such as Wi-Fi, Bluetooth or even email, to forward the data back to the striker.
This sequence may be possible in closely controlled experiments, but the implementation in the real world would be significantly more difficult.
Although the paper is hypothetical, it matches real questions as to whether the current cyber security tools, such as the best antivirus or end-point protection software, are equipped to detect or defend against such indirect and unconventional threats.
For organizations using air -caught networks to protect sensitive information, traditional protection may not be enough.
Likewise, while the best identity theft -protection tools are effective against known pantyheds, utilizes this kind of hidden channel hardware and environments in ways that existing solutions may not expect.
The paper recommends more advanced defense, including ultrasound stop, real -time signal surveillance and even ultrasound firewalls.
However, the practicality of such measures, especially in resource -limited environments, remains uncertain.
That said, as with many academic demonstrations, the threat of the real world is more about potential than probability.
Via Tomshardware
