Hacking with Sound

SoundwaveCodeWhat do Tibetan monks, sophisticated hackers and famous rock stars all have in common?

The ability to harvest soundwaves into power.

Case in point: Israeli Video Researchers from the Negev Cyber Security Research Center at Ben-Gurion University discovered a MacGyver-esque way to syphon data from a PC to a mobile device using nothing but the noise that is generated from the disk drive.

Though it sounds like a scenario straight out of a sci-fi spy thriller, hacker have discovered ways to audibly steal data from air-gapped computers using external devices such as microphones, printers and even thermostats. They have even used a computer’s fans and vibrations before. Fortunately for the paranoid, this type of cybertheft can be avoided by simply not using them. Disk drives, however? They might be a bit more difficult to omit.

How it Works

You are the unfortunate victim who somehow manages to get acoustic malware downloaded onto your PC. This malware will most likely be developed to search for key-logging type of data, such as finding passwords or encryption keys. When the program finds such data, it sends a message to the disk drive and tells it to run a fake “seek” function. The disk drive will just sound like random drive noise, but it is actually creating specific patterns and frequencies, in the form of binary code, that are then captured and interpreted by some sort of recording device/smartphone.

Fortunately, there are limitations. Most disks now come equipped with automatic acoustic management (AAM) features whose purpose is to keep such acoustic attacks from happening by reducing “seek” noises on a computer. However, this test was successfully run on a computer whose AAM was set to the default mode.

That being said, the device that is transcribing the binary code is only able to do so at a rate of 10,800 bits/hour, and the recording device must be within six feet of the computer. So it is not going to be a lot of data, but then again, hackers don’t need a lot of speed to steal encryption codes or passwords.

Many hard disks now include a feature called that deliberately dampen seek noise to prevent attacks like these. The researchers say their tests were run with AAM on its default settings.

Prevention

There are, fortunately, ways to keep you and your business safe:

  1. Only use solid state drives. While they are costlier, they are also more secure.
  2. Modify your AAM Settings. Make sure that the AAM values are correctly set so you will be alerted to anything suspicious.
  3. Ban Smartphones. This is very common and should be implemented in any secure area.
image_pdfimage_print

Leave a Reply