Just to clarify: They're talking about going into an air-gapped network (i.e. cut off from the outside world as far as network transmission of data goes) and using a conveniently-placed (and hacked) cell phone to read signals, convert them into useful data, and transmit that to the attacker? So the cell phone works as a sort of spigot that pours that data into outside networks? Let me know if I'm not reading this right.
You can, by several means, infect computers on the way to the air-gapped facility.
People will use it to store sensitive information, and now you have access to it. You just solved half of the problem.
Now, how to get this data? Internet? No. Air-gapped. Send someone to retrieve the machine by force? Too risky and will alert the enemy. Solution: infect the cell phones of the people working there.
Your machine will be continuously broadcasting the information you want and when the infected phone comes close to it, communication will occur.
Definitely. Most sophisticated hacking involves multiple steps and sometimes boxes (esp w/ C&C). People should expect the same in EMSEC attacks. And wireless, reprogrammable devices are always a threat that even NSA et al haven't mapped all specifics on. It's why any installation allowing them is insecure to EMSEC by default in my book.
Air-gapped computers still need software to run: MS Office, AutoCAD, SolidWorks, MATLAB or any other thing. They still get updated, MATLAB 2014 -> 2015 and so on.
This is the biggest malware entry point.
On the security engineering side, isolated networks monitor less what comes in, but they are extremely strict about what comes out.