Blog
Disconnected computers can now be infected - using audio...
- Super User
If you thought your "disconnected" computers were safe, think again. In an experiment that has echoes to me of sci-fi (think "Meme Wars") researchers have managed to jump the "air gap" to infect disconnected PCs.
See the Slate article:
Essentially they used audio at inaudible frequencies to "talk" to a disconnected laptop nearly 20 meters away from the infector PC. So imagine an infected laptop carried into your Plant control room, and every now and again it tries to talk to your control system without any visible (or audible) signs.
This is, of course, something that needs careful set-up to work right now, but it's important to our security stance to take nothing for granted. My first thought when I hear about an exploit like this is that someone has already done this in the wild. Are the researchers ahead of the hackers this time? The Slate article hints that maybe there's already malware using this technique. Time will tell.
In the meantime, we need to adjust our thinking slightly. We can't assume that even disconnected computers are safe from malware. I guess we should treat the "air-gap" as just one more layer in a series of defences, rather than relying on it entirely. Multi-layer defences should include firewalls and antivirus by default, and you should definitely consider encryption if the thought of someone else getting at your data is troubling...
Just make sure, if you're doing encryption, do it right, by protecting your keys in a FIPS-140 certified device. If you don't protect your keys, your data is just one step away from being unlocked...