Tapping premises using speakers and acoustic systems
How a speaker transforms into a microphone
You probably know that microphones and speakers are transducers. A microphone converts a sound wave to an electrical signal, while a speaker converts an electrical audio signal into a sound.
But I have to break some bad news… Any of your speakers, acoustic systems, headphones can be used as a microphone to tap the perimeter of your premises.
Of course, if there aren’t amplifiers around, an acoustic system will be inferior to a microphone within the premises being tapped. I’ve seen research mentioning that speakers are capable of listening in on premises within a 10-meter radius, but I suppose it is quite realistic to use them for tapping premises within 3-5 meters, in other words, covertly listen to a person using his device.
If you take a few minutes of your time and search for the instructions on how to reverse a speaker into a microphone on the Internet, you will be surprised at the sheer number of matches. Unfortunately, it can be performed using code, and the worst part is that it can be carried out remotely.
Currently there are many solutions that prevent an attacker from getting unauthorized access to a microphone, and you will know about them in a separate chapter. However, there are no software tools to protect yourself if your speakers are employed as microphones.
Interview widget: Did you know that premises can be tapped using speakers and acoustic systems?
Using speakers for data transmission over an air-gapped system
Air-gapped systems refer to the systems that are physically isolated from unsecured networks. It is impossible to perform an attack from the Internet, and researchers are constantly exploring new methods that could penetrate this type of protection. Even if an attacker succeeds in infecting such system using a compromised USB flash drive, how can he set up data exchange with the compromised system?
One such attack vector would be to use the speakers of a compromised air-gapped system for receiving and transmitting data. A team of researchers at Israel's Ben Gurion University were able to reverse the passive speakers to covertly exchange data between two air-gapped computers at the speed of 166 bits per second from a distance of three meters and up to 10 bits per second from a distance of nine meters away from each other.
The Israeli researchers showed that covert exchange data us possible between two air-gapped systems if an attacker uses inaudible ultrasonic waves. The security experts dubbed the method Mosquito, and if your job involves air-gapped system protection, you might want to take a closer look at their research paper.
Protection from getting tapped through speakers and acoustic systems
You have several options at your disposal. Option number 1: you can physically disconnect your acoustic system, and if it is a built-in one – destroy it. This is not that hard, and it can be done at any computer repair center. But it is unlikely that you will choose such a drastic measure to tackle the problem.
An alternate method would be to disable the option of using audio equipment through UEFI/BIOS. You will find about this method of defense in the next chapter, though it’s not easy to make a universal guide for all devices, and you will probably have to handle your computer independently.
Your third option is to go for technical devices used for sound deadening. A similar device can be obtained at AliExpress, overall you may find it useful to purchase one for some important negotiations to guard against being recorded, and especially for the negotiations that take place around a computer with speakers.
There are ultrasonic, electromagnetic deadeners, noise generators out there, and as much as this theme is interesting, it is not covered by the network security course, and you will do well looking for all the necessary information on the Internet.
Any solution will be suitable for you as your computer’s speakers are unlikely to be professionally equipped for unwanted disturbances.
Interview widget: What method of protection will you choose?