While the debate rages on as to whether malware like badBIOS could theoretically “jump the air gap” between systems connected to the Internet and those that are isolated because of their critical nature, the U.S. Navy is nonetheless expressing concern.

“If you take a cybernetic view of what’s happening, right now [the Navy’s] approach is unplug it or don’t use a thumb drive,” said retired Capt. Mark Hagerott, who warned that if hackers “are able to jump the air gap, we are talking about fleets coming to a stop.”

Hagerott made the comment at the recent Defense One conference, referring not only to the risk of a tainted USB drive or other removable device infecting protected systems, but also to the possibility that malware could be transmitted via high-frequency sound waves and target critical networks.

The theoretical “badBIOS” malware notion has been causing a stir in the security field ever since researcher Dragos Ruiu asserted that he believes he observed encrypted data packets being transmitted between an infected laptop and an unconnected badBIOS-infected system in close proximity, effectively jumping the air gap with ultrasonic sound waves.

After disabling the laptop’s speaker and microphone, Ruiu said the communications ceased. If confirmed to be the case, badBIOS-like malware could confront the Navy and others who operate isolated systems with an entirely new attack vector.

“If you could jump the air gap, that would disrupt the world balance of power,” Hagerott said.

  • Ed H.

    One of the biggest issues here is that in order to "jump the air gap" using audio, the receiving system must already be infected. There is no mechanism right now for any computer to become infected by receiving audio. It could certainly use audio for inter-infected-system-communication, but not for the base infection itself.

    Of course, while infecting laptops (and other computers with microphones and speakers) is a bad thing, this won't affect the most critical systems – servers. Servers don't have microphones and speakers, so that vector is truly impossible. Most non-household desktop PCs are also very unlikely to have a microphone or loudspeakers. (Although many webcams have microphones, and some headphones can be loud…)

    • Agree Ed – highly theoretical at best, but many threats that begin in someone's imagination do actually materialize down the road. Worth exploring the possible threat vector.
