What are air gaped systems?
An air gap is a safety feature that isolates a computer or network and prevents it from connecting to the outside world. A computer that is physically isolated and air-gapped is unable to communicate wirelessly or physically with some other computers or network components.
Data must first be copied on a removable media device, like a USB drive, and then physically transported to the air-gapped system from the computer or network. Only a select group of trusted users should be able to access the air-gapped system in situations where security is of the utmost importance.
New Technique
Researchers at Ben-Gurion University of the Negev's Department of Software and Information Systems Engineering have developed a novel method for breaching air-gapped systems that takes advantage of the computer's low-frequency electromagnetic radiation.
According to Mordechai Guri, director of research and development at the Cyber Security Research Center at Ben Gurion University, "the attack is very evasive because it executes from a regular user-level process, does not require root capabilities, and is successful even within a Virtual Machine."
The COVID-bit technique makes use of on-device malware to produce electromagnetic radiation in the 0–60 kHz frequency region, which is then transmitted and detected by a covert receiving device in close vicinity.
After SATAn, GAIROSCOPE, and ETHERLED, which are intended to hop across air-gaps and extract private data, COVID-bit is the most recent method developed by Dr. Guri this year.
By utilizing electromagnetic emissions from a component known as a switched-mode power supply (SMPS) and encoding the binary data using a technique known as frequency-shift keying (FSK), the virus uses the COVID-bit, one of these covert channels, to communicate information.
The research article advises employing antivirus software that can recognize strange CPU patterns in addition to limiting the frequencies that some CPUs can use in order to protect air-gapped computers from this kind of attack.