The past two post were about extracting data or compromised from air gapped systems via USB flash drive such as Stuxnet or through acoustic sounds generated by the machine's processor and cooling fans called Fansmitter. Researchers at Israel's Ben Gurion University using noises emitted from the device's hard drive.
The attack does require malware be installed on the target. The malware generates the acoustic emissions at specific audio frequencies by controlling the movements of the HDD's actuator arm to specific audio frequencies that can be picked up by a nearby receiver, such as a smartwatch, laptop, or smartphone. It doesn't require the presence of speakers or audio hardware from the target. The attack is effective in a range of six feet at a transfer rate of180 bits per minute.
Countermeasures:
|
Hardware |
SSD Quite HHD Dampener cases Noise detectors Jammers |
|
Software |
HIDS/HIPS Automatic Acoustic Management (AAM) |
|
Procedural |
Zone seperation |
