Each year, companies specializing in cyber-security invest millions and billions of dollars in order to improve the encryption, firewalls and anti-virus systems. The reasons behind this is simple- these three methods are by far the most reliable defensive mechanisms against the traditional hacking attempts. Nonetheless, everyone knows that bad-guys never play by the book and if they can’t find a way to win fair and square, they will simply change the rules of the game. Their next super-weapons are sound waves.
Modern devices, have numerous internal sensors put in charge of various tasks. For example, they are there to see if the phone user is moving (for your fitness apps or GPS), to determine how much time you spend on your apps (for statistical purposes) and even things like power consumption. In other words, all of aforementioned are vital for either improving user experience or helping developers improve these devices in the future. Unfortunately, there is a reasonable doubt that these sensors could be hacked via sound waves.
At first the researchers started noticing a flaw in these sensors. For examples, if a device is playing music, it can accidentally send vibrations which could be interpreted as if the phone is moving, even though it is just sitting on your desk. Sure, this kind of an error isn’t necessarily dangerous for the safety of users or their private information, but it did make researchers ask a single important question: “could this kind of a system glitch be exploited further?”
How serious is all of this?
While making your phone think it’s moving while it is not, may not seem as something horrifying, what if the same thing was possible with a self-driving car. According to some accusations, it is possible to hack a self-driving car with nothing else but a $43 and a laser pointer. It’s simply frightening that this is all it takes to trick their $10,000 worth spinning sensor, but it doesn’t make it any less true. Now try to imagine a world where we drive smart-cars, use smartphones and live in smart-houses. Just to think about the prospect of someone having the total control of our lives can seem quite Orwellian. So yes, hacking through sound waves is quite serious indeed.
The more one thinks about all of this the scarier it gets. Industrial plants all have accelerometers which are easily affected by sound waves. Seeing how these institutions work with hazardous, easily flammable and highly polluting materials, a mistake on this front can be one difficult to repair. It is also quite easy to imagine how this would be used for sabotage in times of war or even as a platform for potential terrorist attacks in the future. Apart from this, accelerometers can be found in high-tech medical equipment, which could pose a significant personal hazard to its test subject. All in all, just the thought of these hypothetical situations is more than enough to send a chill down one’s spine.
Is there a solution
In the light of all these information, there is a single question that tends to impose itself. Is there a protection from such an attack? Well, of course there is, but it would require a total shift in cyber-security defensive doctrine. This would require investing in acoustic shields that prevent outside vibrations from reaching these devices. These shields would be similar to those used as reflection filters for recording vocals, but smaller and specifically customized against outside breaches. Additionally, in order not to obstruct the way the device works, they would have to be specifically designed to filter different kinds of noises. Nonetheless, this is not as difficult as it may be made out to be at first.
In the end, it is important to discuss why we insisted on the term a-bomb in the title. Well, because the possibility of making digital attacks using physical means poses a similar game-changer in the world of cyber security that the development of a-bomb was to a global politics. From this point on, nothing will ever be the same. It might only be a matter of time before someone figures out a way to access the data on your phone through a visual or some other mean. This makes protecting your smart-gadgets much more difficult, but also much more necessary.