Malware Attacks: Even When the Computer Is Unplugged; Data Leak Via Sound Waves; Should Google's SlickLogin Be Worried?
By Pavithra Rathinavel | March 8, 2014 11:44 AM EST
Preventing your network of computers from cyber attack (malware), the first logical step is isolating the affected computer from the network. Such technique is known as "air-gapping."
But as a deathblow to the time tested method of unplugging the affected computer to save the rest of the computers in the network, we now have a new malware to worry about. It is where air-gapping does not help prevent the spread of malware within the network. This is achieved with the help of "hidden acoustic waves."
How Does This New Malware Work?
According to a recent study conducted by scientists Michael Hanspach and Michael Goetz, this type of malware can escape air-gap by interpreting malicious computer code into sound waves, which is then transmitted by using a computer's peripheral device to attack the nearby computers. Speakers, sound cards and microphones are mostly overlooked entities in security planning. Using frequencies outside the range of human hearing, such messages can escape detection.
How Was This Malware Discovered?
In a proof-of-concept from Germany's Fraunhofer Institute for Communication, Information Processing and Ergonomics, researchers could use the built-in speakers and microphones of computers to transmit passwords and other data at a rate of 20 bits per second over a distance of almost 20 meters, allowing the malware to leak data to the outside world.
Should You Be Worried?
According to Telegraph, the networks relying on acoustical communication are very rarely used because of the much higher bit rates and ranges offered by radio transmission. Citing infrastructure problems, this particular malware may not take off in a full-fledged Avatar until sometime. So there is nothing much to worry about at this.
What Are the Countermeasures To Prevent Attacks?
When a computer is affected by a malware, apart from disconnecting the system from the network, the audio input and output devices should be switched off or unplugged. The scientists claimed this is the only way to prevent such attacks.
Will This Malware Have Any Implication On Google's SlickLogin Acquisition?
Google acquired Israeli security startup firm, SlickLogin. The idea is to let the user login easily and hassle-free enabling the authentication to be effective.
SlickLogin uses smartphones and high-frequency sounds for identity verification at Web sites. It doesn't just offer two-factor authentication. The sound waves can also transmit user account information. This means you could log in to a Web site by doing nothing other than holding your phone next to a computer. The sound wave takes care of all the data transfers.
Should Google be worried about SlickLogin's core ideology?
To contact the editor, e-mail:
Most Popular Slideshows
- 2014 MLB World Series Game 1: San Francisco Giants 7, Kansas City Royals 1 [PHOTOS]
- 2014 MLB World Series - Game 2: Kansas City Royals 7, San Francisco Giants 2 [PHOTOS]
- NFL Thursday Recap - Denver Broncos 35, San Diego Chargers 21: Peyton Manning Has 3 TDs In Easy Win [PHOTOS]
- 2014 MLB World Series Game 3: Kansas City Royals 3, San Francisco Giants 2 [PHOTOS]
Join the Conversation
- Samsung Galaxy Note Edge and Note 4 Designer Secrets: Behind The Materials, Edge Screen And S Pen
- 'The Sims 4' Mac Version: Bugs, Missing Elements Players Must Be Prepared Of
- 'Destiny' vs. 'Titanfall': New Legendary Gears Spotted And Update 8 Features Detailed
- How To Play 4K Graphics Quality On 1080p Games With Any Monitor Using NVIDIA Graphics Cards
- PS4 v. Xbox One: More Details For Firmware 2.0 Update, Xbox Screenshot Feature And Paid Xbox Music Emerge
- Xiaomi Redmi 1S vs. Sharp Aquos Crystal – Specifications, Features And Price Showdown
- Verizon Motorola Droid Turbo Leaked Live Images Surfaces, Scheduled To Get Unveiled On Oct 28
- Update HTC One M7 with LG G2 with Android 4.4.2 as Sprint OTA: Fixes and Installation
- U.S. Targets Buyers of ISIS Oil, Threatens Sanctions
- ISIS Syria Airstrike Bombing Has Killed 550 People, Civilians Included
- Russia Blocking OSCE Monitoring Of Its Border With Ukraine
- Russia Slams US 'Double Standards' In The Fight Against ISIS