The pursuit of having a less stressful life has led us to Artificial Intelligence. However, it has only drawn us into the infinite loop of stress. At first, AI took over the jobs, and now, to make things worse, it is being trained to steal data from keyboard keystrokes. With 95% accuracy, it could leak your passwords, messages, or other sensitive information to malicious third parties.
What is an acoustic side-channel attack?
Devices like computers, smartphones, and IoT devices can generate acoustic signals as byproducts of their normal operations. With that in mind, a group of British researchers has trained a deep-learning model that can tamper data by manipulating the sounds of the keystrokes to determine what keys are being pressed. The cyberattack is now called an acoustic side-channel attack.
By analysing these sounds, hackers equipped with the right tools can potentially infer details about the internal operations of a device, such as keystrokes, cryptographic keys, or other confidential data being processed. For instance, the rhythmic pattern of keystrokes or the noise generated during specific computational tasks might provide clues about what actions are taking place on the device.
Acoustic side-channel attacks can be carried out remotely or locally, and compared to other security breaches, acoustic side-channel attacks are easy to perform, thanks to the abundance of microphone-bearing devices that can capture high-quality audio like a pro. Local attacks require the attacker to have physical access to the device, enabling them to place specialised sensors or microphones directly on the device.
How to save your devices from getting attacked?
Mitigating acoustic side-channel attacks requires implementing security measures that reduce unintended sound emissions, such as isolating sensitive components, employing noise-cancelling techniques, or using secure hardware designs that minimise acoustic leakage. You can also replace the physical keyboard with an on-screen keyboard while typing sensitive information on the system.
Here are a few suggestions you can take to mitigate the risk of such attacks:
- Limit physical access to your devices – Prevent unauthorised individuals from physically accessing your devices, as attackers might implant acoustic sensors to capture sound emissions.
- Increase ambient noise – Play background music or use white noise generators to make it difficult for attackers to isolate and interpret the acoustic signals emitted by your devices.
- Isolate devices – Position your devices to minimise the propagation of sound waves. For instance, you can place your laptop on a soft surface to dampen vibrations.
- Disable unnecessary hardware – Turn off microphones and other sensors that aren’t needed for your work to minimise the potential for acoustic data leakage.
- Control your environment – Be cautious when discussing sensitive information in places where acoustic attacks might occur, such as public spaces or areas with thin walls.
- Keep software up to date – Ensure that your operating system and applications are up to date with the latest security patches to mitigate potential vulnerabilities that could be exploited in acoustic attacks.
- Stay informed – Keep up-to-date with the latest research on acoustic side-channel attacks and other emerging threats. This knowledge will help you adapt your protective measures as needed.