Radio signals could give attackers a foothold inside air-gapped devices
Air-gapped systems are meant to stay quiet. Remove network ports, lock down inputs, and the device should have nothing to hear. A new study shows that this breaks down when software control is lost. Embedded devices with no radios and no sensors can still receive wireless commands through the air.

Starting from a familiar threat model
Security teams will find the setup familiar. An attacker first gains code execution on an embedded device through means such as a malicious firmware update or a supply chain issue. The device remains physically isolated from networks, with no wireless interfaces present by design.
Previous research focused on getting data out of such systems. This work reverses the direction. The goal is to send information into the device, enabling command and control without cables, sensors, or physical access.
Earlier attempts at air-gap infiltration relied on components like microphones, cameras, LEDs, or temperature sensors. Those methods imposed strict limits on distance, alignment, or data rate. The authors set out to test whether embedded hardware itself could act as a receiver.
The building blocks hiding in plain sight
Three common hardware elements matter here. Together, they form an unintended radio receiver.
A printed circuit board, or PCB, is the physical board inside a device. It holds chips and copper traces that carry electrical signals. At certain frequencies, those traces can pick up radio energy from the surrounding environment.
General-purpose input/output pins, known as GPIOs, are software-controlled connection points on a microcontroller. Software settings determine how signals enter the chip, which affects how radio energy couples into it.
An analog-to-digital converter, or ADC, measures voltage changes and converts them into numbers software can read.
When radio energy couples into a PCB trace connected to a GPIO, small voltage changes appear inside the chip. Circuit behavior shifts that high-frequency energy into slower variations. The ADC captures those variations, allowing software to detect patterns in the signal.
Finding the sensitive paths
The researchers built a systematic method to search for these effects. Devices were cycled through internal ADC connections and GPIO configurations. For each setup, they exposed the device to a controlled radio signal.
They collected ADC samples with the transmitter off and then with it on. By comparing the two, they measured how strongly each configuration responded to radio energy. Signal-to-noise ratio was used to quantify sensitivity.
This process covered dozens of internal paths per device and dozens of GPIO settings per path. The result was a map of where radio energy leaked into the system in a measurable way.
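A hardware team can apply the same off/on comparison when auditing its own boards. The sketch below is an added example, not code from the study: it ranks each ADC path and GPIO setting by SNR. The SNR formula, the 10 dB review threshold, the path and setting labels, and the sample readings are all assumptions made for illustration.

```python
import math
from statistics import fmean, pvariance

def snr_db(off, on):
    """Assumed metric: squared shift in mean ADC reading (on vs. off)
    divided by the transmitter-off noise variance, in dB."""
    shift = fmean(on) - fmean(off)
    noise = pvariance(off)
    if shift == 0:
        return -math.inf          # no measurable response
    if noise == 0:
        return math.inf           # flat baseline, any shift stands out
    return 10 * math.log10(shift ** 2 / noise)

def sensitivity_map(captures):
    """Rank every (ADC path, GPIO setting) pair, most sensitive first."""
    scored = [(cfg, snr_db(off, on)) for cfg, (off, on) in captures.items()]
    return sorted(scored, key=lambda item: item[1], reverse=True)

def flagged(captures, threshold_db=10.0):
    """Configurations whose SNR meets the (assumed) review threshold."""
    return [cfg for cfg, snr in sensitivity_map(captures) if snr >= threshold_db]

# Constructed 12-bit ADC readings; not measurements from the study.
BASELINE = [2048, 2050, 2046, 2049, 2047, 2048, 2051, 2045]
CAPTURES = {
    ("adc_ch3", "floating"): (BASELINE, [s + 120 for s in BASELINE]),
    ("adc_ch3", "pull-down"): (BASELINE, [s + 3 for s in BASELINE]),
    ("adc_ch7", "floating"): (BASELINE, list(BASELINE)),
}

if __name__ == "__main__":
    for cfg, snr in sensitivity_map(CAPTURES):
        print(cfg, f"{snr:.1f} dB")
    print("review:", flagged(CAPTURES))
```

Running the same ranking before and after a mitigation such as shielding shows how much each path's SNR drops.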
Device testing revealed consistent radio responsiveness
After validating the method on development boards, the team expanded the test set to 14 devices. The group included 12 commercially available products and two custom-built boards, spanning hardware wallets, microcontroller development boards, and a small drone platform.
Repeatable radio reception appeared between 300 and 1000 megahertz, with detectable signal power reaching down to about 1 milliwatt.
Every tested device showed measurable radio sensitivity. Some had only a few sensitive paths, others had dozens. Several platforms reached peak signal-to-noise ratios above 30 dB.
The researchers ran tests on bare circuit boards to isolate the mechanism. Enclosures reduced sensitivity in some cases but did not remove it entirely. The results showed that this behavior is not tied to one product type or vendor.
Stability across samples and time
For an attack to work, sensitivity needs to be predictable. Multiple copies of the same board model were tested using the same configurations and signal settings. Several sensitivity patterns appeared consistently across samples, meaning an attacker could characterize one device and apply those findings to another of the same model.
They also measured stability over 24 hours to assess whether the effect persisted beyond short test windows. Most sensitive frequency regions remained consistent over time, with modest drift in some paths. Changes in device orientation affected signal strength while maintaining reception, indicating that physical placement influences signal quality rather than viability.
Ground isolation experiments showed that signals arrived through the air rather than through cables. In some cases, removing a USB cable reduced sensitivity. In others, sensitivity increased. This confirmed that board-level coupling alone can support reception.
Turning sensitivity into data
Once sensitive paths were identified, the team tested data reception. They used on-off keying, where the transmitter switches a carrier on for a one and off for a zero. This choice matched the observed behavior, which distinguishes between presence and absence of a signal.
Under ideal synchronization, several paths achieved bit error rates below 1 percent when estimated received power reached about 10 milliwatts. One path stayed below 2 percent at roughly 1 milliwatt.
Bandwidth tests showed that symbol rates up to 100 kilobits per second remained distinguishable, even as transitions blurred at higher rates.
In a longer test, the researchers transmitted about 12,000 bits at 1 kilobit per second. At three meters, reception produced no errors. At 20 meters, the bit error rate reached about 6.2 percent. Errors appeared in bursts that standard error correction could address.
The same setup worked through a concrete wall, showing non-line-of-sight reception.
What the measurements say about defenses
The paper includes experimental observations on mitigation. Metallic shielding blocked reception in lab tests. Plastic cases reduced signal strength.
Custom boards with a continuous ground plane showed more than 20 dB lower sensitivity across wide frequency ranges compared to boards without one. Residual sensitive paths remained, showing that grounding reduces exposure without eliminating it.
The study also mentions spectrum monitoring and intentional interference as possible responses, though these approaches carry operational consequences.