Bombshell: Air-Gapped Computers Can Be Hacked with Speakers, Headphones, and Earbuds

Airgap
LAN connection orange plastic connector isolated on black background

Researchers at Ben-Gurion University of the Negev made a startling discovery that may change the way cybersecurity is handled in the future. One standard precaution to safeguard data is to store it on an air-gapped device. That’s IT-speak for a machine that is never connected to the Internet or any other machine or network that’s connected to it.

The same team at Ben-Gurion University has made it their business to extract data from air-gapped devices in a variety of ways. They’ve done it with radiowaves, electromagnetic waves, by measuring the heat they emit, and they’ve done it by listening to the sounds made by an air-gapped machine’s cooling fans.

So, in the never-ending death of the air-gapping myth, here’s what else those researchers figured out: Data can be extracted from air-gapped computers using earbuds, earphones, headphones and speakers: no microphone required.

“MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker Communication” was published recently by ArXiv. The principle is sufficiently complex to beggar the imagination, but basically (and, yes, I know there is no “basic” way to explain something as deep in the woods of Geekland as this) speakers are microphones, but in reverse. They traffic in the same kind of signals. Speakers turn electronic signals into audio signals, and microphones do the opposite. The addition of a diaphragm in speaker is the only requirement.

The above “maneuver” is called “jack retasking,” turning a speaker into a microphone. And it would be a mere parlor trick version of the earlier discovery that data could be extracted from an air-gapped machine by listening to its cooling fans, but for the fact that speakers, headphones and even earbuds can be jack retasked with malware, and an air-gapped machine within 9 meters of an infected machine that is connected to a network is susceptible.

It’s a scary attack that is rendered no less heady if you want to read more, here.