Security risk?
Credit: PC Advisor
You probably have a good idea of how to avoid having your various computing systems attacked. It may be time to think again. Proof-of-concept has just been demonstrated for two new ways to overcome security precautions.
1. An attack on Siri or Google Now with voice commands (which are barely audible to humans) embedded in videos http://www.theregister.co.uk/2016/07/11/siri_hacking_phones/
2. Manipulating the speed of a computer’s internal fans to steal data from air-gapped machines https://www.wired.com/2016/06/clever-attack-uses-sound-computers-fan-steal-data/ / group researchers Israel highly adept stealing data from air-gapped computers machines prized by hackers security reasons never connected to the Internet connected to other machines connected to the Internet making it difficult to extract data from them Mordechai Guri manager research and development Cyber Security Research Center Ben-Gurion University colleagues lab designed attacks various methods extracting data from air-gapped machines methods radio waves electromagnetic waves GSM network heat emitted by computers lab’s team found yet another way undermine air-gapped systems sound emitted by cooling fans inside computers technique steal limited amount of data siphon encryption keys lists usernames passwords keylogging histories documents more than two dozen feet away researchers technical details attack paper siphon encryption keys passwords rate of 15 to 20 bits per minute 1,200 bits per hou working on methods accelerate data extraction use two fans concurrently same machine CPU chassis fans double transmission rates research colleagues Yosef Solewicz Andrey Daidakulov Yuval Elovici director Telekom Innovation Laboratories Ben-Gurion University working on more techniques accelerate make it much faster air-gap myth air-gapped systems classified military networks financial institutions industrial control system environments factories critical infrastructure protect sensitive data networks machines aren’t impenetrable steal data attacker needs physical access to the system removable media USB flash drive firewire cable connecting air-gapped system another computer attackers use near-physical access covert methods Ben-Gurion researchers devised challenge assumption air-gapped systems are secure using sound waves steal data high-security environments not require sensitive systems air-gapped external internal speakers systems removed disabled create audio gap using computer’s cooling fans also produce sound researchers bypass protection steal data computers fans CPU fan chassis fan power supply fan graphics card fan operating fans generate acoustic tone blade pass frequency louder with speed attack increasing speed frequency fans transmit digits encryption key password nearby smartphone computer different speeds representing binary ones zeroes data attackers extract test researchers 1,000 RPM represent 1 1,600 RPM represent 0 one zero air-gap hacks stealing data computers using heat researchers hack air-gapped computer cell phone attackers radio signals mobile phones steal protected data attack researchers air-gapped machines targeted machine infected with malware researchers proof-of-concept malware Fansmitter manipulates speed computer’s fans malware air-gapped machines insurmountable problem real-world attacks Stuxnet Agent.btz sensitive air-gapped machines infected via USB drives receive sound signals emitted target machine attacker infect smartphone someone working near machine malware detect decode sound signals transmitted send attacker via SMS Wi-Fi mobile data transfers receiver within eight meters 26 feet targeted machine secure environments smartphones attacker infect internet-connected machine in the vicinity targeted machine fans operate few hundred RPMs few thousand RPMs noticing fluctuations fan noise attacker lower frequencies transmit data close frequencies differ only by 100 Hz signify binary 1’s and 0’s fluctuating speed natural background noise of a room human ear much more sensitive attack systems no acoustic hardware speakers design servers printers internet of things devices industrial control systems attack multiple infected machines transmitting receiver distinguish signals fans multiple infected computers transmit signals different frequencies methods mitigate fan attacks software detect changes in fan speed hardware devices monitor sound waves drowning dalek commands Siri voice-rec hack attack boffins embed barely-audible-to-humans commands inside vids videos vid video fool virtual assistants university boffins brewed one of the most complex mechanisms loading malware onto phones surreptitious Google Now Siri voice commands hidden in YouTube videos attack phones state receive voice commands feature often left unlocked close enough audio source instructions to be understood masking phone's beep acknowledgment voice commands have been received could alert users to an attack researcher researchers research boffins Tavish Vaidya Yuankai Zhang Micah Sherr Clay Shields Wenchao Zhou Georgetown University Nicholas Carlini Pratyush Mishra David Wagner University of California Berkeley paper Hidden Voice Commands give away beeps can precise conditions countered noise cancelling from the same attacking audio source users ignore beep LED flashes vibrations Apple Google operating systems alert systems sounds paper builds on existing work hidden voice commands constructed very little knowledge speech recognition system significantly improved attacks adversaries significant knowledge speech recognition system construct hidden voice commands humans cannot understand detection mitigation strategies limit effects attacks speech recognition audio CAPTCHAs proof-of-concept video boffins phone empty conference room three metres 10 feet from a speaker commands issued sound like a drowning dalek garbling garbled commands difficult for humans to understand passable for Siri attackers activate airplane mode denial of service attack open website paper substituted phishing malware download site successful effort malware writers malware fake Pokemon Go apps viral app tricked into dodgy substitutes commands easy to understand proof-of-concept video priming effects words spoken researchers /
