Smart speakers being a part of the IoT, are known for privacy issues and hacking concerns. However, this time, researchers have discovered an unexpected vulnerability leaving these speakers susceptible to a cyberattack via laser beams. The team has identified that by shining a laser at the targeted device, they can remotely inject inaudible and invisible commands (light commands). A team from the University of Michigan and Tokyo said that they were able to hack the device’s microphone without using any words but only by flashing a laser light.
Think it sounds insane? Let’s understand how it works
When a team of researchers from Tokyo and Michigan Universities experimented to learn how and why microphones respond to light, they found that this was due to a vulnerability in MEMS microphones. The experiment was performed with a remote hacker standing at a distance from the device, and by modulating the light’s amplitude, an acoustic pressure wave was produced. The modulated electric signal tricked the microphones and made them produce electrical signals, similar to that of receiving audio.
Light Commands – All you should know about the research
According to the research, much like how the voice assistants in your smartphones and tablets are vulnerable to a light-based injection attack. Any device with MEMS microphones is prone to be vulnerable to this type of attack. The research, as reported, revealed that the researchers initially managed to open a garage door from a distance of 230 to 350 feet, using a Google Home device and a laser, using a telephoto lens.
The test was also conducted on iPhone XR, Google Pixel 2, and Samsung Galaxy S9, where the researchers were able to exploit the vulnerability from a closer distance. The report was shared with Amazon, Google, Ford, and Tesla, and they have been working to fix the issue as customer’s security is their paramount objective.
Courtesy: Light Commands
The range of the attack varies according to the intensity of the light and power of the laser. Other physical barriers, like windows, can reduce the intensity of the attack. The absorption of ultrasonic waves in the air is another hindrance to carrying out an attack.
Why cyber attackers are loving this!
Attackers can exploit this vulnerability to make online purchases, control smart switches at home, open smart garage doors, and lock or unlock a car remotely when it is linked to the speaker. It can also open smart locks, using a brute-force method to attain the user’s PIN. The vulnerability allows attackers to masquerade as a legitimate user and inject commands. The attacker can even access your voice assistants, leaving the impact of the attack to depend on how many devices you have connected to the voice assistant.
Stay safe from light command vulnerability
Software makers will soon be releasing updates/patches to fix the issue. They can also add another layer of authentication to process incoming commands. However, until service providers come up with a solution, it is advised to physically block the line of sight to your voice assistant to avoid receiving outside commands.
Scope of cybersecurity in mitigating advanced attacks
Cybersecurity is not just about combating challenges. It is equally as important to find the vulnerability and treat it appropriately before it falls into the hands of a cyber criminal. Sophisticated attacks, like the recent vulnerability with MEMS microphones, requires an expert skill to be identified. Similarly, other cybersecurity experts will work toward dealing with the issue efficiently, so that it does not impact users’ privacy.
Cybersecurity, through its various branches like ethical hacking, penetration testing, security application engineering, etc. help deal with vulnerabilities before they are sourced as destructive attacks. The cybersecurity workforce has to attained credentials to obtain expert knowledge and skill. EC-Council offers industry-recognized cybersecurity certifications in Vulnerability Assessment and Penetration Testing (VAPT) to help create skilled penetration testers. The tract is divided into three levels – basic, advanced, and expert. At the core, it has three certifications, viz., Certified Network Defender (C|ND), Certified Ethical Hacker (Master). In the advanced level, you learn the practical application of penetration testing via two certifications, EC-Council Certified Security Analyst (ECSA) and ECSA (Practical). In the third level,the Licensed Penetration Tester (Master) makes an efficient penetration tester with higher job prospects across the world.