Wednesday, December 18, 2013

Computers Can Be Hacked Using High-Frequency Sound: Scientific American

Computers Can Be Hacked Using High-Frequency Sound: Scientific American

A lot of the experts are down playing this exploit, but at great risk, some of the first great attacks against computers where based more on audible and low frequency key board emissions than network exploits. If you could get the passwords a person typed into his computer, we could usually get on the network, in the early days, wirelessly get on some pretty classified networks.  I wrote a blog spot on mixing low and high tech spy techniques to really rock the world of some of these new cyber defenses.

In past blog spots as well as some radio interviews, these type of cyber attacks have been discussed. There is a real issue with cyber security types focusing on just the internet vulnerabilities.  There is a reason the CIA and NSA along with DIA and others still have physical security teams around to exploit any weakness they can find.  All agencies still collect trash, and some of the neatest scanner and computer algorithms are the ones that put shredder trash back together.

In one radio interview I did with JJ Sutton on his show, we discussed all the  ways the agencies put teams together to gain intelligence.  If we can get a draft not encrypted of a policy or meeting notes, we can get a good idea of what else to look for.  At times we have all we where trying to get right there.

Tempest, once a code word, that could not be talked about in an unclassified environment, was some of the first attacks against computers.  Very passe now days, it still is in use, under the right conditions.  This sonic attack is what I am sure some old spies would claim to be a spin off of an even more basic Tempest attack.  Back when people still used typewriters, the measure of the sound and the electrical spike from the time a person hit a key and the print head hit the paper, was very readable, in fact some agencies could read the output of this type of attack as fast as it was typed.

We need to be aware that the oldest school intel attacks, are still in vogue.  The cyber security folks need to watch a little of mission impossible.  If an attacker can get in and put a video camera on your computer screen, it can be just as effective as a computer hack, and we know who actually was working the computer.

When ATM thieves go to work, they use fake card readers attached to the ATM to get the information off the card, but often use video cameras they install close by to get the code you type in to the key pad.  An added advantage is they can often see how much you have in the account over your shoulder as well, which is why most ATM's will only give you a print out of the balance not a visual readout.

Mixing old school with new, is still producing results.

No comments:

Post a Comment