Malware Can Use Fan Noise To Steal Data From Air-Gapped Systems

Reader Orome1 writes: For the last few years, researchers from Ben-Gurion University of the Negev have been testing up new ways to exfiltrate data from air-gapped computers: via mobile phones, using radio frequencies ("AirHopper"); using heat ("BitWhisper"), using rogue software ("GSMem") that modulates and transmits electromagnetic signals at cellular frequencies. The latest version of the data-exfiltration attack against air-gapped computers involves the machine's fans. Dubbed "Fansmitter," the attack can come handy when the computer does not have speakers, and so attackers can't use acoustic channels to get the info.An anonymous reader adds:Malicious applications use the noise emanated by a computer fan's speed to relay information to a nearby recording device and steal data from air-gapped, isolated systems. The attack relies on selecting a fan speed to represent binary "1" and another for binary "0". A specially crafted malware can alter the CPU, GPU or chassis fan speed between these two frequencies and provide a method to relay data from infected systems. Attackers can then place microphones or smartphones to record the sound coming from the infected machine and steal the data. The attack works for distances of one to four meters, and operates in the 100-600 Hz frequency that can be picked up by the human year. Choosing smaller fan speeds or fan speeds that are closer together can make the attack harder to pick up by a human, but also makes it susceptible to background noise.

Humans!

[TechyImmigrant]

Air gapping machines is not effective.

Why? Because as soon as you air gap a machine, you need humans to ferry the data back and forth.
Now humans can exploited to be the exflitration path.

If you had a wire, you could control the protocol on the wire, put in overlapping constraints on traffic on the wire, and keep the humans out of the room.