All Tech Considered
Wed December 4, 2013
Even Disconnected Computers May Face Cyberthreats
Originally published on Wed October 29, 2014 11:05 am
If your computer is infected with a virus or other forms of malware, disconnecting the machine from the Internet is one of the first steps security experts say you should take. But someday, even physically separating your laptop from a network may not be enough to protect it from cyber evildoers.
German computer scientists have come up with a prototype for building "covert channels" between computers using the machines' speakers and microphones, potentially defeating high-security measures that rely on placing an "air gap" between computers.
The scientists said their network was based on a system originally designed for underwater communication.
"We adapt the communication system to implement covert and stealthy communications by utilizing the near ultrasonic frequency range," Michael Hanspach and Michael Goetz, of the Fraunhofer Institute for Communication, Information Processing and Ergonomics, wrote in a paper published in the November issue of the Journal of Communications.
As Dan Goodin explains in Ars Technica:
"The proof-of-concept software — or malicious trojans that adopt the same high-frequency communication methods — could prove especially adept in penetrating highly sensitive environments that routinely place an 'air gap' between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals."
And such off-network intrusions may be more than theoretical. Ars Technica reported that a mystified security researcher determined his computers, which were unplugged from networks and had their Wi-Fi and Bluetooth cards removed, were infected with malware that used high-frequency transmissions.
The idea of hackers "jumping the air gap" has military officials worried, Geoffrey Ingersoll of Business Insider reported.
"If you take a cybernetic view of what's happening [in the Navy], right now our approach is unplug it or don't use a thumb drive," retired Navy Capt. Mark Hagerott, a cybersecurity professor at the U.S. Naval Academy, said at a recent defense conference. But if hackers "are able to jump the air gap, we are talking about fleets coming to a stop."
As Ingersoll explained in his post, "Ships would find their targeting software exploited and shut down, possibly even hijacked."
Hanspach and Goetz, the German scientists, said their concept poses dangers but added that safeguards could be implemented.
"Acoustical networking as a covert communication technology is a considerable threat to computer security," the scientists wrote in their paper. However, they said such audio snooping could be prevented using "a software-deﬁned lowpass ﬁlter" or a "detection guard" that analyzes audio to identify hidden messages.
But to go through the trouble of putting up such countermeasures, computer owners would have to suspect they were being snooped on first.