Q
Manage Learn to apply best practices and optimize your operations.

How are air-gapped computers put at risk by the Mosquito attack?

Researchers recently discovered Mosquito -- an air-gapped attack that bites computers to put air-gapped networks at risk. Discover the logistics of this technique with Judith Myerson.

Researchers at Israel's Ben-Gurion University of the Negev discovered a new technique in air-gapped attacks named...

Mosquito, which bites air-gapped computers to make them less secure. How does this technique work?

An attacker needs just three things to turn a speaker or set of headphones without a microphone into a listening device: a USB flash drive, an audio chip capable of emitting sound at near-ultrasonic frequencies and a way to measure the distance between two computers located in the same room to see if they are within range for the attack. The USB flash drive is used to infect air-gapped computers. Any integrated microphone on the computer or the external loudspeaker must be turned off, muted or taped, and the external microphone must be unplugged.

Since all connected speakers, including passive speakers, headphones, earphones and loudspeakers, respond well to the near-ultrasonic range -- 18 kHz to 24 kHz -- a listening device can help the attacker hear data and passwords from the victim's computer and record them on the attacker's computer.

The attack can be carried out within earshot of authorized users of the systems because ultrasonic transmissions are not detectable by the human ear. The ultrasound range starts around 20 kHz and can go up to several gigahertz; in either case, sound in these ranges are undetectable to humans -- our eardrums can't vibrate fast enough to hear any noise at those frequencies.

The risk to air-gapped networks is determined by the maximum distance that data can be covertly transmitted between two infected computers. When speaker-to-speaker communication is used, the computers can be placed a maximum of 29.5 feet apart, but when two headphones with the microphones turned off are used, the maximum distance is only 9.8 feet.

When using loudspeakers, data can be exchanged with a bit rate of 10 to 166 bits per second from a distance of 26 feet. Beyond the maximum distance, however, attackers will be unable to steal data from air-gapped computers.

Ask the expert:
Want to ask Judith Myerson a question about security? Submit your question now via email. (All questions are anonymous.)

This was last published in June 2018

Dig Deeper on Data security breaches

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

Join the conversation

1 comment

Send me notifications when other members comment.

Please create a username to comment.

How have air-gapped networks impact your organization?
Cancel

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close