As it is known, covert channels are communication channels using means of communication that have not been designed with that purpose. It is a type of cyber attack. Covert channels manipulate a communication medium in order to transmit information in an almost undetectable fashion.
Transmissions over the ultrasound spectrum typically have a short distance range due to attenuation. Thus covert channels over ultrasound frequency can have special relevance in scenarios where there is a great concentration of personal devices (laptops, mobile phones, tablets, etc.) in a reduced surface, like airports or aircrafts. Nowadays, the use of tablets is becoming more and more common in the daily aircraft maintenance and operation.
These kind of channels are established by malware to communicate with the command and control server in order to avoid detection by traditional security tools such as antivirus and Intrusion Detection Systems (IDSs). Due to sensitive information that is stored in the cockpit in devices such as Electronic Flight Bags (EFBs) or maintenance devices, these devices are considered as attractive targets for potential cyber attacks.
New malware families are able to establish covert channels in the ultrasound frequency range between different computing systems using audio modulation/demodulation to exchange data between different electronic devices over the air medium.
Microphones and speakers are not currently considered common channels for malicious datalinks, so existing tools do not monitor their activities searching for anomalous behaviors.
Current cyber security is based both in host and network solutions monitoring and in checking the traffic transmitted and received from traditional interfaces (such as Wi-Fi or Ethernet). Firewalls, antivirus, and Intrusion Detection Systems are available from multiple developers and for different platforms and operating systems. However none of them are designed to monitor possible ultrasound transmission through the speaker and the microphone of an electronic device to protect.
As electronic devices such as mobile phones have become very secure, attackers are using unconventional methods for exfiltrating data. IT systems and networks are becoming a critical element of the aircraft generation paradigm. Thus, aeronautical manufacturers and airlines are interested in cyber security solutions to protect their sensitive information and assets.
Speakers on mobile devices can produce ultrasonic sounds, which are frequencies too high for humans to hear, and these inaudible frequencies can be received/detected by a microphone on the same device or on another device.
Ultrasonic sounds do not require permission and can emit sounds to anything that can hear them. Sound can be defined as vibrations in matter, and for example if the user is not holding the electronic device, the vibrations are not noticed.
There are currently no cyber security products to monitor these kinds of transmissions and react when they are detected.
The device and/or method of the present disclosure alerts the user when a malicious transmission is detected, and provides the opportunity of blocking the transmission and uninstalling the application causing the problem.