Thursday, December 12, 2013

Disconnected Computers are still at Risk for Cyberthreats


Are we really aware of the cyberthreats faced with our computers?  Don’t click on the bothersome floating advertisement, never open mail from suspicious senders, don’t trust your friends sending you a message containing just a link.

Being tricked into installing malware on your own computer is just a click away.  You think you need a new version of Flash because your computer tells you so.  So you click, install, then realize something is funny about the download process.

What do you do then?  Frantically turn your computer off, hoping you just stopped what ever invasion your computer is experiencing?  If your computer is infected with a virus or malware, disconnecting it from the Internet is the first step of security you should take.  But is it enough?

German computer scientists have come up with a prototype for building “covert channels” between computers using the machines’ speakers and microphones.  This potentially defeats high-security measures that rely on the “air gap” between computers.


The air gap is a network security measure that ensures a secure computer network is physically isolated from unsecured networks.  Sometimes the air gap is not completely literal, and dedicated cryptographic devices can tunnel packets over questionable networks while avoiding pack rate or size variation.
Dan Goodin from Ars Technica explains:

“The proof-of-concept software — or malicious trojans that adopt the same high-frequency communication methods — could prove especially adept in penetrating highly sensitive environments that routinely place an ‘air gap’ between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.”

Research has shown that computers which were unplugged from networks and had their Wi-Fi and Bluetooth cards removed, were infected with malware that used high-frequency transmissions.
Hackers are “jumping the air gap” and worrying even military officials.

“If you take a cybernetic view of what’s happening [in the Navy], right now our approach is unplug it or don’t use a thumb drive,” retired Navy Capt. Mark Hagerott, a cybersecurity professor at the U.S. Naval Academy, said at a recent defense conference. But if hackers “are able to jump the air gap, we are talking about fleets coming to a stop.” – Geoffrey Ingerson of Business Insider

“Acoustical networking as a covert communication technology is a considerable threat to computer security,” the scientists wrote in their paper. However, they said such audio snooping could be prevented using “a software-defined lowpass filter” or a “detection guard” that analyzes audio to identify hidden messages. – Hanspach and Goetz, German scientists

System devices designate security levels as low side (unclassified) and high side (classified).  I’m sure the military has much more interesting information in their computers, but just the thought that nothing can stop computer invasion is scary.

What’s your take on this?  Please leave your comments below!

Be sure to follow us on Twitter at @hyphenet or “Like” us on Facebook to stay up-to-date on the latest computer security threats.


Even Disconnected Computers May Face Cyberthreats – NPR
December 4, 2013

No comments:

Post a Comment