This depends on two things: first, your air-gapped system is already infected, and second, an infected cellphone is nearby. As for the former, this would be incredibly difficult on any of the air-gapped systems I've used, as any software being brought into the building must be thoroughly scanned and checked before getting near the system. As for the latter, every place with air-gapped systems I've worked at has mandated that all cell phones and electronic devices must be kept outside the RF-shielded office.
Dear Ganesh Kalyanasundaram,

Security researchers have demonstrated proof-of-concept malware that can exfiltrate data using high-frequency transmissions inaudible to humans. This means keystroke and other data can be captured and transmitted from “air-gapped” or isolated computers containing ultra-sensitive information or running control systems for critical infrastructure.

Computer scientists have proposed a malware prototype that uses inaudible audio signals to communicate, a capability that allows the malware to covertly transmit keystrokes and other sensitive data even when infected machines have no network connection. The proof-of-concept software—or malicious trojans that adopt the same high-frequency communication methods—could prove especially adept in penetrating highly sensitive environments that routinely place an "air gap" between computers and the outside world. Using nothing more than the built-in microphones and speakers of standard computers, the researchers were able to transmit passwords and other small amounts of data from distances of almost 65 feet. The software can transfer data at much greater distances by employing an acoustical mesh network made up of attacker-controlled devices that repeat the audio signals.

The researchers, from Germany's Fraunhofer Institute for Communication, Information Processing, and Ergonomics, recently disclosed their findings in a paper published in the Journal of Communications. It came a few weeks after a security researcher said his computers were infected with a mysterious piece of malware that used high-frequency transmissions to jump air gaps. The new research neither confirms nor disproves Dragos Ruiu's claims of the so-called badBIOS infections, but it does show that high-frequency networking is easily within the grasp of today's malware.
The simple answer is you stop anything that can jump the gap.
So:
1) Acoustic emission/reception (microphone, speaker, and limit fan and hard-disk noise by choice of component and acoustic noise suppression)
2) Electromagnetic - Electromagnetic shielding and physical distance (you can even get conducting paints to paint your room with if you cannot set up a true Faraday cage). This includes stopping Bluetooth, WiFi... but also the electromagnetic signals induced by the computer as a side effect, e.g. from the graphics card interface.
3) Optical/Infrared - Anything from stopping line-of-sight to the screen to LEDs on your system, as well as IR devices and, in the other direction, cameras. This means physical security near the machine, covering LEDs and using special screens to limit the viewing angle.
4) Thermal (this is a bit speculative but possible, at very low data rates). This works as a computer must be able to monitor its temperature and your HVAC can vary temperature and is often less protected.
5) Removable Media: Obviously block any ports for removable media (USB...).
If you need one method to transfer information, stick to Write Once CD. Even use mini-CDs for small data transfers.
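For the acoustic channel (item 1 above, and the inaudible high-frequency signalling described in the quoted article), a monitoring microphone can be checked for unexpected near-ultrasonic energy. The following is an added example, not code from any poster or from the researchers; the 48 kHz capture rate, the 18-22 kHz band, the threshold and all function names are assumptions, and the audio is constructed inline.

```python
import math

RATE = 48000   # assumed capture rate; must exceed 2 * hi below (Nyquist)
FRAME = 4800   # 0.1 s frames -> 10 Hz DFT bin spacing

def goertzel_power(samples, rate, freq):
    """Normalised power of the DFT bin nearest freq (Goertzel algorithm)."""
    n = len(samples)
    k = round(n * freq / rate)
    coeff = 2.0 * math.cos(2.0 * math.pi * k / n)
    s1 = s2 = 0.0
    for x in samples:
        s1, s2 = x + coeff * s1 - s2, s1
    return (s1 * s1 + s2 * s2 - coeff * s1 * s2) / (n * n)

def ultrasonic_ratio(samples, rate=RATE, lo=18000, hi=22000, step=250):
    """Share of probed power (step..hi Hz) that lies in the lo..hi band."""
    powers = {f: goertzel_power(samples, rate, f)
              for f in range(step, hi + 1, step)}
    total = sum(powers.values())
    band = sum(p for f, p in powers.items() if f >= lo)
    return band / total if total > 0 else 0.0

def flag_frames(samples, rate=RATE, frame=FRAME, threshold=0.05):
    """Indices of frames whose near-ultrasonic share exceeds the threshold."""
    return [i // frame
            for i in range(0, len(samples) - frame + 1, frame)
            if ultrasonic_ratio(samples[i:i + frame], rate) > threshold]

def tone(freq, amp, n=FRAME, rate=RATE):
    """One frame of a pure sine tone (used to build the constructed sample)."""
    return [amp * math.sin(2.0 * math.pi * freq * t / rate) for t in range(n)]

def constructed_capture():
    """Constructed sample: four frames of audible room tones (500 Hz, 3 kHz);
    only frame 2 also carries a quiet 19 kHz tone."""
    room = [a + b for a, b in zip(tone(500, 0.5), tone(3000, 0.3))]
    marked = [r + c for r, c in zip(room, tone(19000, 0.2))]
    return room + room + marked + room

if __name__ == "__main__":
    print(flag_frames(constructed_capture()))
```

In a real room the threshold has to be calibrated against a recorded baseline, since some power supplies and displays emit steady tones in this band.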