Malware Attacks: Even When the Computer Is Unplugged; Data Leak Via Sound Waves; Should Google's SlickLogin Be Worried?
By Pavithra Rathinavel | March 8, 2014 11:44 AM EST
Preventing your network of computers from cyber attack (malware), the first logical step is isolating the affected computer from the network. Such technique is known as "air-gapping."
But as a deathblow to the time tested method of unplugging the affected computer to save the rest of the computers in the network, we now have a new malware to worry about. It is where air-gapping does not help prevent the spread of malware within the network. This is achieved with the help of "hidden acoustic waves."
How Does This New Malware Work?
According to a recent study conducted by scientists Michael Hanspach and Michael Goetz, this type of malware can escape air-gap by interpreting malicious computer code into sound waves, which is then transmitted by using a computer's peripheral device to attack the nearby computers. Speakers, sound cards and microphones are mostly overlooked entities in security planning. Using frequencies outside the range of human hearing, such messages can escape detection.
How Was This Malware Discovered?
In a proof-of-concept from Germany's Fraunhofer Institute for Communication, Information Processing and Ergonomics, researchers could use the built-in speakers and microphones of computers to transmit passwords and other data at a rate of 20 bits per second over a distance of almost 20 meters, allowing the malware to leak data to the outside world.
Should You Be Worried?
According to Telegraph, the networks relying on acoustical communication are very rarely used because of the much higher bit rates and ranges offered by radio transmission. Citing infrastructure problems, this particular malware may not take off in a full-fledged Avatar until sometime. So there is nothing much to worry about at this.
What Are the Countermeasures To Prevent Attacks?
When a computer is affected by a malware, apart from disconnecting the system from the network, the audio input and output devices should be switched off or unplugged. The scientists claimed this is the only way to prevent such attacks.
Will This Malware Have Any Implication On Google's SlickLogin Acquisition?
Google acquired Israeli security startup firm, SlickLogin. The idea is to let the user login easily and hassle-free enabling the authentication to be effective.
SlickLogin uses smartphones and high-frequency sounds for identity verification at Web sites. It doesn't just offer two-factor authentication. The sound waves can also transmit user account information. This means you could log in to a Web site by doing nothing other than holding your phone next to a computer. The sound wave takes care of all the data transfers.
Should Google be worried about SlickLogin's core ideology?
To contact the editor, e-mail:
Join the Conversation
- ‘Halo: Master Chief’ Collection Update Detailed As ‘Halo: Nightfall’ Continues To Roll
- ‘Destiny’ Dev Details Update; New Exotic Weapons Coming And New Speculations On Free Trial
- Official Android 5.0 Lollipop Update For HTC One Google Play Editions Delayed Due To New Software Request
- ‘Pokemon Omega Ruby and Alpha Sapphire’ Guide: Continuous Breeding, Must See Places And TwitchPlays Pokemon Activity
- Samsung Galaxy Note 4 New Update Brings Performance And Stability Improvements
- Apple and Google Engage in Thermonuclear War, New Google Translate Chat App in the Works
- Russia's New Tactical Nuclear Weapons Program Growing Confident Against the US: Talks of World War III
- Walmart Offers the Best 2014 Black Friday Deals on iPhone 6, iPad Ai2 & Other Gadgets – Reports
- Update Samsung Galaxy S5 to Android 4.4.4 KitKat, Sprint Release and Installation
- More Nexus 6 Problems Arise with Android 5.0 Lollipop, Poor Benchmark Results and Other Issues
- HTC One M8 Android 5.0 Lollipop Release Delayed: Other Schedule and Installation Guide
- Israel''s Al Aqsa and East Jerusalem Issues Threatening Its Multi Billion Gas Deal With Jordan