An air gapped device is one of the safest way to store your data, and is an excellent defense against many methods of attack. Most virus and malicious strings of code require an internet connection to actually get into the device, and they all require a connection to get out. An air gapped device has no such vulnerability, by nature it has no ability to communicate with the outside world. The only way to meaningfully interact with an air gapped device is to physically do so. A flash drive or other media device can install any necessary programs or offload data from the machine in question. Recently however, it’s been revealed that air gapped devices aren’t quite so impregnable. If you ever watched a spy movie, you’re familiar with the concept of a shotgun microphone. There’s always a scene were some covert types point some kind of black box at their target and suddenly they can hear everything they’re saying. There are also laser microphones that are capable of reading sound through the vibrations in the windows of a room. Extremely advanced mathematical modelling and a laser microphone have been used to recreate a conversation by observing the vibrations in an open bag of potato chips through a window. A similar technique is employed to snag data that’s supposedly safely locked away in air gapped device.
Computers make noise, as anyone who’s been around one can attest. You can hear when your computer is writing, or reading, from its hard drive. There are minuscule changes in the ambient noises a computer makes for every action it performs, and while it’s beyond human hearing, it isn’t beyond a machine’s. With foreknowledge of the computer in question, and using some powerful modeling software, it’s possible to listen to the ambient noise and reconstruct the data that a computer is accessing. This is especially true when the air gapped computer has been infected with something, there might not be an internet connection for high-speed data transfer, but that doesn’t matter. Now air gapped devices can be hacked just by getting something in their systems, and the data transfer is untraceable and essentially unoticeable. With the proper technology the infected device can be set to transmit data through its fans, running lights or anything else that can be controlled and recorded. A simple camera, something that isn’t usually air gapped, can be set to watch the device and record every piece of data.
Max is a Legal Assistant and author residing in the Philadelphia area He has been writing for AskCyberSecurity.com since early 2017.