View all newsletters
Receive our newsletter - data, insights and analysis delivered to you
  1. Technology
  2. Cybersecurity
December 8, 2014

Air gap security no longer immune from hackers

Creative attacks involve radio frequency, ultrasound and laser beams.

By Jimmy Nicholls

"Air gap" security, which isolates computers from insecure networks, is not as immune to hacking as was once thought according to security company Symantec.

Researchers at the firm found that cybercriminals are now able to attack secluded machines by analysing radio frequencies emitted by graphics cards, transmitting data through ultrasound and using lasers to interfere with a printer.

John-Paul Power, information developer at Symantec, said: "Industries that deal with sensitive information rely heavily on air-gapped systems to protect their critical data."

"While these systems are more secure than most others, there are ways to compromise them, potentially allowing attackers to steal the affected organisations’ highly sensitive data."

Attacking air-gapped computers is more laboured than mainstream hacking such as phishing and malware dropping, often requiring a mole inside the organisation to work.

One example involving graphics card radio emissions, required an insider to install malware onto an air-gapped computer through a USB stick, instructing the computer to broadcast data and then picking it up through a wireless receiver.

"This technique is the most plausible for data exfiltration," Power said. "Compromising smartphones is something that is well within the capabilities of cybercriminals and nation states, so exfiltrating the stolen data would not be a major hurdle."

Content from our partners
Rethinking cloud: challenging assumptions, learning lessons
DTX Manchester welcomes leading tech talent from across the region and beyond
The hidden complexities of deploying AI in your business

Another method used speakers to transmit data at frequencies above the range of human hearing, with hackers able to rope computers together to relay data across a greater distance.

Attackers could also use a laser beam to send malware instructions through a scanner, though Power said that unless there was a window in the room and the scanner was in use such an attack would be impossible.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.
THANK YOU