Mordechai Guri, a security specialist at Ben-Gurion University of the Negev, has proposed a new method for potentially infiltrating air-gap computing systems using a smartwatch. His findings were published in a paper on the arXiv preprint server.
Air-gap systems are computers that are isolated from other networks, such as the internet, to prevent remote hacking attempts. Typically, the only way these systems can be hacked is through direct physical access or by manipulating someone with authorized access. However, Guri suggests that it may be possible to breach such systems using a smartwatch.
Smartwatches, according to Guri, are equipped with the necessary components—such as microphones—to detect ultrasonic signals emitted by an air-gapped system. These devices could also route the captured signals to speakers or Wi-Fi, enabling them to transmit data to a more advanced device.
In his paper, Guri describes experiments where data was broadcast over ultrasonic frequencies at distances of up to 6 meters, with data rates of up to 50 bits per second. This scenario would involve a hacker gaining access to the target system, installing malware, and broadcasting easily understandable data over ultrasonic signals. A nearby smartwatch could then capture these signals.
Guri envisions scenarios where dormant malware is activated when a hacker approaches. For instance, a hacker could steal a smartwatch, load it with malware, and return it to the owner, allowing the smartwatch to capture and relay data from the air-gapped system without detection.
While Guri admits that such a method would be challenging to execute, it is not entirely impossible. A hacker would still need to get close to the targeted air-gapped system without being noticed—an operation that might involve a spy or insider. However, such an attack would likely be targeted at high-value systems, which are likely to have other layers of physical security.
