Researchers use sound to compromise hard drives in new DOS proof-of-concept
In an entirely new twist on the security of hard disk drives (HDDs), a team of researchers from Princeton and Purdue University have released a paper demonstrating how acoustic signals at specific frequencies can compromise devices that rely on HDD technology.
Motivated by the insight that computers, closed-circuit television (CCTV) systems, medical bedside monitors, and even automated teller machines (ATMs) heavily rely on HDDs, the team of six borrowed concepts from “resonance scattering theory” to prove HDDs could leak critical private information through acoustic or electromagnetic emanations.
The team proposes an innovative denial-of-service (DoS) attack against HDDs that, instead of exploiting software, exploits a physical phenomenon known as “acoustic resonance.”
In what the team believes is the first instance of non-contact denial of service security attacks against HDDs, the paper investigates how an attacker can leverage acoustic resonance “to negatively affect the regular operation of HDDs.”
The researchers then highlight the negative consequences of the proposed attack using two real-world case studies involving a regular computer and a CCTV system.
“We demonstrate how an attacker can disable a CCTV system by targeting its digital video recorder (DVR) device. Further, we show how the proposed attack can target a personal computer, causing a failure in its underlying OS,” the paper reads.
To perform the acoustic attack proof-of-concept without any barrier shielding the HDD, the team opened up a hard drive and left its parts exposed to the carefully crafted sound waves. This, according to the team, was an effort to “better analyze potential vulnerabilities.” The team”s experimental setup is depicted in the image above.
After performing a number of attacks, SMART logs of tested HDDs showed increased “Seek_Error_Rate,” a pre-failure attribute that that can hurt the system”s performance.
In the case of CCTV cameras, “every frame of video stored on a DVR could potentially be highly crucial forensic evidence,” the paper reads, making this vulnerability extremely feasible to bad actors.
Read the full research paper (highly recommended) to learn more about potential attackers and their capabilities, halting Read/Write operations through sound, as well as the interesting physics behind the proposed attack.
Watch Out for These Ongoing Bank of America Phishing Campaigns Targeting Customers in the US
July 16, 2021
How to protect yourself against cyberstalking
July 06, 2021
The Top Five Security Risks Smartphone Users Face Today
July 02, 2021
Phishing Alert: Scammers Use Fake SharePoint and DocuSign Messages to Steal Users’ Login Credentials
July 02, 2021
Your Doxxing Dossier Will Keep Growing Thicker Until You See the Danger
June 30, 2021
FOLLOW US ON
You might also like
August 02, 2021
July 30, 2021