Can air-gapped computer security really be bypassed using covert headphone-to-headphone communication outside the lab, or is this not a real-world threat?
The Cyber-Security Research centre at Ben-Gurion University of the Negev in Israel has published research demonstrating how air-gapped computer security can be bypassed using covert speaker-to-speaker, or even headphone-to-headphone, communication. The researchers describe how the air-gap between two isolated computers can be bridged by opening a covert communications channel using the speakers of each machine. It is claimed that the technique, which has been codename Mosquito, can also enable this communication between microphone-less headphones. This sounds suspiciously like a case of an interesting attack methodology in theory, or at least within the confines of the lab environment, but not so much a practical attack-vector in the real-world. Let’s dig a bit deeper…