“Air gapping” is a security measure that involves a computer being physically isolated and incapable of connecting wirelessly or physically with other computers or network devices. It’s used in high security setups. The idea is that if the system is physically incapable of connecting to other systems or networks, it should be safe. Right?

A new attack method named COVID-bit uses electromagnetic waves from power supplies to transmit data from air-gapped systems. Using this attack, even if the computer is completely isolated and unplugged from the internet, the researchers demonstrated collecting information emanating from the device by a nearby smartphone or laptop over a distance of at least two meters – even if a wall separates the two.

Researchers created a malware program that regulates CPU load and core frequency in a particular manner to make the power supplies on air-gapped computers emanate electromagnetic radiation on a low-frequency band (0 – 48 kHz).

While the attack requires at least one instance of physical access to install the malware, such attacks have happened. Examples include the Stuxnet worm in Iran’s uranium enrichment facility at Natanz, Agent.BTZ that infected a U.S. military base, and the Remsec modular backdoor that collected information from air-gapped government networks for over five years.

Mordechai Guri explains the primary source of electromagnetic radiation in switched mode power supplies is due to their internal design and switching characteristics in the technical paper. “In the conversion from AC-DC and DC-DC, the MOSFET switching components turning on or off at specific frequencies create a square wave,” the researcher details. The electromagnetic wave can carry a payload of raw data, following a strain of eight bits that signify the beginning of the transmission.

The attack works against air gapped pc’s, laptops, and even a raspberry pi. The receiver can be as simple as a cell phone.

Definitely worth a read.

Links:

• https://www.bleepingcomputer.com/news/security/air-gapped-pcs-vulnerable-to-data-theft-via-power-supply-radiation/#:~:text=To%20transmit%20the%20data%20in,(0%20%E2%80%93%2048%20kHz).
• https://arxiv.org/pdf/2212.03520.pdf