One of the go-to strategies for securing a computer network when a machine is infected with malware is to remove that machine from the network. This effectively prevents the malware from spreading to other devices. This Technique is called ' Air-Gapping ' which isolates the system by introducing air gap and cuts network Connectivity. However, 
Hackers Can Infect your machine when not connected to Network using “Air-Gap Malware ".. Tweet Thistweet-graphic-1.png?width=25

How does it work and how it came into existence?

Research has showed that the sounds of a dot matrix printer can be used to reverse-engineer the content being printed. In effect this means that any person sitting in the reception area of the doctor can record the sound of the printer and can reconstruct the printed text.
Air-gap malware is that which is able to jump the air-gap by "translating" malicious computer code into high-frequency sound, then transmitting that sound to infect nearby computers.
Computer data can't travel over the air in its raw form, but your computer's sound card is more than enough to "broadcast" the malware as inaudible sound that interacts with other machines. It doesn't care what network a computer is on.

Scientists claims that they have created computer virus that transfers stolen data using inaudible sounds
Just using the built-in speakers and microphone in a pair of commercially available laptops, the researchers were able to transfer small amounts of sensitive data across a distance of almost 65 feet(This distance can be increased using network of controlled devices). The Scientists build the software but the One significant drawback of the that the data transmission rate was only 20 bits per second - enough to send basic text, but too small to transfer any larger multimedia, such as video. With Such as small bandwidth only critical information can be shared like keystrokes private encryption keys or maybe malicious commands to an infected piece of construction."

What are the Consequences?

The attacker would probably have to be very sophisticated to be able to pull of something like this." There's not really a way to proactively protect yourself from air-gap malware. The techniques that go into employing air-gap malware are complex and can only be orchestrated by a very skilled hacker
It will be very lethal  when used for Cyber Warfare a Global Digital Weapon. Government agencies can leveraged this technique, since they have ample money and time to hire sophisticated attacker and involve in research for developing malware which can share data at high transmission rate.

( More:  Join the community of 1400+ Chief Information Security Officers.  Click here )


What are the techniques you will use to prevent 'Air-Gapping' Malware? Share your views in the comments below . 

E-mail me when people leave their comments –

You need to be a member of CISO Platform to add comments!

Join CISO Platform

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)
 

CISO Discussion Conference

  • Description:

    The sessions will explain the Security Market Ecosystem, Problems that CISOs face when trying to purchase a product in that segment, the architecture, business impact & more.

  • Created by: pritha