- Smartwatches may soon be the newest tool for breaching even the most secure computer
- Ultrasonic signals are invisible to us but may carry secrets out of air-gapped machines
- SmartAttack depends on rare conditions, but its possibility proves no system is ever completely safe
A new research paper proposes an unusual method of data exfiltration from air-gapped systems using smartwatches.
The concept, created by researchers from Ben-Gurion University, sounds like something out of a spy thriller, but the details reveal just how technically complex and narrowly feasible such an attack would be.
The method, dubbed “SmartAttack,” relies on exploiting the microphone of a compromised smartwatch to receive ultrasonic signals from an infected air-gapped computer.
You may like
The role of malware and wearable tech
These ultrasonic transmissions operate between 18 and 22 kHz, just above the range of human hearing, and can carry data such as keystrokes or biometric information at up to 50 bits per second over distances of at least six meters.
For any part of the attack to work, multiple difficult steps must already be accomplished.
First, malware has to be implanted on the air-gapped system, which itself is a challenge. As the authors point out, such malware might get there through “supply chain attacks, insider threats, or infected removable media.”
Once installed, the malware quietly harvests sensitive data and encodes it into ultrasonic audio signals. However, transmitting those signals is only half of the equation.
On the receiving end, a smartwatch, also infected with malware, must be within the correct range and orientation to pick up the ultrasonic transmissions.
Paper author Mordechai Guri, PhD described smartwatches as “an underexplored yet effective attack vector,” noting the devices are also subject to unpredictable movement because they’re worn on the wrist, reducing the reliability of reception.
The smartwatch would then use its connectivity features, like Wi-Fi, Bluetooth, or even email, to relay the data back to the attacker.
This sequence may be possible in tightly controlled experiments, but real-world implementation would be significantly harder.
Although the paper is hypothetical, it does prompt real questions about whether current cybersecurity tools, such as the best antivirus or endpoint protection software, are equipped to detect or defend against such indirect and unconventional threats.
For organizations using air-gapped networks to safeguard sensitive information, traditional protections may not be enough.
Likewise, while the best identity theft protection tools are effective against known threat vectors, this kind of covert channel exploits hardware and environments in ways that existing solutions might not anticipate.
The paper recommends more advanced defense, including ultrasonic jamming, real-time signal monitoring, and even ultrasonic firewalls.
However, the practicality of such measures, especially in resource-constrained environments, remains uncertain.
That said, as with many academic demonstrations, the real-world threat is more about potential than probability.
Via TomsHardware
