A groundbreaking research discovery by researchers at the University of Michigan has revealed that millions of gadgets that use accelerometers are at grave risk from hacking from sound waves. Said anomaly can be used to hack into critical sensors in everything such as phones, medical devices, fitness apps trackers, and cars. Researchers warn they found that tiny sensors can be tricked, registering fake movements and thus, giving hackers a backdoor into devices. According to Kevin Fu, University of Michigan associate professor of computer science and engineering, “The fundamental physics of the hardware allowed us to trick sensors into delivering a false reality to the microprocessor. Our findings upend widely held assumptions about the security of the underlying hardware.”
The team used a $5 speaker and precisely tuned acoustic tones to deceive 15 different models of accelerometers into registering movement that never happened at all. This opened up a backdoor where hackers can pass through. This new research work at the university calls into question longstanding computer science beliefs that software can automatically trust hardware sensors since these feed autonomous systems with fundamental data needed to make machine decisions. In short, anyone looking at this problem from the point of view of computer science or material science will never see any kind of security problem.
But if one looks through both lenses from both points of view at the same time, they will be able to see these security vulnerabilities. This problem also affects both analog and digital machines, so basically, any electronic device is in danger when bombarded with sonic waves. These devices already contain tiny MEMS accelerometers. The scary part is that most devices today rely heavily on sensors to make automated decisions with kinetic consequences. Today’s autonomous systems that may be vulnerable to this kind of hacking may include package delivery drones and self-driving cars. These examples base their decisions on what their sensors tell them. It’s similar to a human’s sensors like the ears, nose, and eyes. Humans trust their sensors and use them to make decisions.
Video Courtesy of Youtube:
So, if autonomous systems cannot trust their sensors, then the security and reliability of those systems will fail. The concept is similar to an opera singer breaking a wine glass. The key to breaking the glass is hitting the correct glass resonant frequency. The researchers identified the resonant frequencies of at least 20 different accelerometers from 5 different manufacturers. Using the sonic waves, the researchers tricked the devices into decoding sounds as false sensor readings that then delivered to the microprocessor. Researchers from the university’s Engineering department used a malicious music file to hack into a Samsung Galaxy S5, fooling its accelerometer to read out the word walnut. This means that all electronic devices can leave a hole open and can simply be violated using only sonic waves.