A new data access technique discovered by a research team from Israel's Ben-Gurion University Cybersecurity Research Center allows data to be extracted using a computer's speakers and headphones. What this means is that the "air gap," the ultimate way to protect computers from hacking from the outside, has been breached for the first time ever.
For the hacking to work, a target computer must be infected with a virus that will convert files to audio format. It can then be made to start transmitting them via a custom-made protocol.
"Well, I can just unplug my microphone and I'm safe," you might think. But you couldn't be more wrong, because this technique does not even need a microphone! How?
According to the researchers, most contemporary chipsets allow the jack port (where you stick your headphone connector) to switch functionalities, making it either a microphone port or headphone port on demand. On a physical level, every microphone and speaker are more or less the same: they convert physical air oscillations into electric voltage or vice versa. Therefore, the malefactor might utilize your speakers to create a data transmission scheme, if no microphone or headphone is available.
"The fact that loudspeakers, headphones, earphones and earbuds are physically built like microphones, coupled with the fact that an audio port's role in the PC can be altered programmatically, changing it from output to input, creates a vulnerability which can be abused by attackers," the paper reads.
How effective is this method, though? According to the team, this method, named MOSQUITO, can work on computers standing up to 9 meters away.
The transmission is also quite slow. During their experiment, the researchers managed to get a stable 166 bit/second transmission speed with a margin of error of 1 percent. At the maximum distance of 9 meters, the speed dropped to 10 bit/second but still worked.
MOSQUITO earbuds: Jumping air-gaps via speaker-to-speaker communication #Hacking #PenTest https://t.co/XpskpR1HXZ pic.twitter.com/Ny0DbK2rMf
— Hacking & PenTest Videos (@hack_videos) 12 марта 2018 г.
Previously, "air-gapped" or physically separated computers were considered impervious to an outside hack, even if infected with malware or a virus from a USB storage device. And still, the hardest part for the hacker would be to get the virus file to the air-gapped computer in the first place.
The authors also suggest monitoring ultrasound frequencies, but they warn that this method is prone to raising false alarms.
One could also develop software to prevent jack port retasking or use BIOS to disable audio devices completely.
The method is still in its assessment phase and requires further study, the researchers conclude.
