In a groundbreaking and unconventional breach, a research team led by Mordechai Guri has unveiled a novel security vulnerability capable of leaking data from air-gapped computer systems—those physically isolated from any network—through smartwatches using inaudible ultrasonic signals.
اضافة اعلان
How SmartAttack Works
The attack method, dubbed SmartAttack, relies on the pre-installation of malicious software on the target computer. This malware encodes sensitive data into ultrasonic signals using a modulation technique known as Binary Frequency Shift Keying (B-FSK):
18.5 kHz frequency = binary “0”
19.5 kHz frequency = binary “1”
These signals are emitted through the computer’s speakers and picked up by the microphones of nearby smartwatches, whether intentionally placed or previously compromised. Specialized apps on the smartwatch decode the signals into digital information, which is then transmitted externally via Wi-Fi, Bluetooth, or cellular networks once the watch wearer leaves the secure area.
According to the research—set to be presented at IEEE COMPSAC 2025—the most likely entry points for such attacks include insider threats, such as disgruntled employees, or supply chain compromises that inject malware early in the device lifecycle.
Why This Attack Is Unique
Unlike traditional attacks that rely on network vulnerabilities, SmartAttack uses physical hardware components (speakers and smartwatch microphones) to establish a covert communication channel, rendering conventional cybersecurity systems like firewalls and intrusion detection tools ineffective.
Limitations and Engineering Constraints
While the concept is innovative, its real-world execution faces several challenges:
Limited microphone sensitivity in smartwatches makes ultrasonic reception more susceptible to noise and interference.
Effective range is constrained to 6–9 meters, and
Data transfer speed is low—about 50 bits per second—making the exfiltration of large volumes of data slow and cumbersome.
Signal quality depends heavily on watch orientation and line-of-sight to the computer.
Despite these constraints, the attack’s significance lies in debunking the myth of complete air-gap immunity, building on Guri’s prior work that includes data leaks via LCD light emissions, electromagnetic noise from cables, fan vibrations, and power supply fluctuations.
Recommended Countermeasures
To defend against such unconventional threats, researchers advise the following:
Ban smartwatches and wearable tech from high-security environments.
Disable or physically disconnect speakers in air-gapped systems.
Deploy ultrasonic jammers to disrupt unauthorized acoustic transmissions.
Implement audio activity monitoring to flag unusual speaker behavior.
Use physical acoustic insulation to block ultrasonic signal transmission.
Final Thoughts
Though SmartAttack remains complex and difficult to carry out at scale, it serves as a critical wake-up call for cybersecurity leaders to rethink their defense strategies. Traditional security paradigms are no longer sufficient—next-generation threats may come from hardware behaviors, not just network breaches. As air-gapped systems continue to be targeted in novel ways, a proactive, multidisciplinary approach is vital to safeguarding sensitive environments.
