A well-known security researcher developing inventive ways to siphon data from computers disconnected from the Internet, found a new exploit capable of transferring data to the nearest smartphone.
Air-gapped systems are physically isolated and cannot connect wirelessly or physically to other computers or network devices. You’ll find them in places where network security is paramount, such as critical infrastructure. Although rare, some techniques developed in recent years can defeat air gap insulation, e.g. mosquito attack, which uses the microphone of a nearby smartphone to receive data. Since then, Apple and Google have introduced permission settings in the iOS and Android which block apps from accessing the device’s microphone, and both operating systems use visual indicators when the microphone is active.
But unlike microphones, gyroscopes that come standard with most modern smartphones don’t have the same protection. Gyroscopes are used to determine the rotation speed of a smartphone and are widely considered to be more secure sensors, as neither iOS nor Android show when they are being used, nor do they offer the ability to completely block access.
Now the creator of the Mosquito attack has a new technique that uses the smartphone’s gyroscope to pick up inaudible sound waves nearby, and doesn’t rely on the use of a microphone.
Mordechai Guri, head of research and development at the Cyber Security Research Center at Ben-Gurion University, said in his latest research paper that this new attack, which he calls “Gairoscope,” can take sensitive information from computers with an air gap of just “a few meters.”
Like other exploits against air-gapped systems, Goura’s “Gairoscope” proof-of-concept requires close proximity to an air-gapped system. But from there, an attacker can harvest passwords or credentials by listening to sound waves generated by the system’s air-gapped speakers and picked up by the gyroscope of a nearby smartphone.
While this method is still experimental, Guri and his team recommended some countermeasures aimed at limiting the impact of the new malware, such as eliminating loudspeakers to create a sound-free network environment and filtering resonant frequencies created by audio equipment using an audio filter.