CYBERSECURITY experts warn about 'acoustic side-channeling attacks' that can be used to spy on you.
In a new blog post by cybersecurity firm Kaspersky, experts detail the dangers of sophisticated AI being used to spy on users via typing.
This is known as an "acoustic side-channel attack" (ASCA) and they use sound to glean information from a system.
HOW DO ACOUSTIC SIDE-CHANNEL ATTACKS WORK?
This attack relies on the sounds produced by typing on a keyboard to determine what is being typed.
By analyzing these unique sounds, hackers with the right equipment can decode the exact letters being pressed.
Artificial intelligence reaches major milestone 'for the first time ever'
ASCAs are another type of side-channel attack, which means they exploit unintended channels of information leakage in a system.
Side-channel attacks are dangerous because they target indirect channels like power consumption, electromagnetic emissions, or, in this case, sound.
A few months ago, a research paper titled “A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards”, revealed that AI could be used in ASCAs.
Specifically, AI could be used to decode passwords by analyzing the sound produced by keystrokes.
Researchers found that when the AI model was trained to recognize keystrokes, it was able to identify letters with 95% accuracy.
THE RISKS
The most obvious risk of ASCAs is a hacker's ability to gain access to your sensitive information such as passwords or usernames.
If a threat actor gains this data, they can use it to hack into your online accounts or even your bank.
They could also steal important data to commit identity fraud or other crimes in your name.
This new technology is worrying cybersecurity experts and smartphone users alike.
"When we enter a credit card number or password, we can hide the keyboard from prying eyes, but protecting yourself from eavesdropping isn’t so easy," Kaspersky writes in its blog post.
Inside home of the future - including AI baby crib
"It’s not quite there yet, but imagine someone in a café or on the train potentially stealing your password, credit card number, or even your private messages just by listening to you typing," the blog continues.
HOW TO STAY SAFE
It can be hard to protect yourself from such attacks, especially if the technology is only evolving.
However, Kaspersky noted some tips that could help users stay safe.
For starters, avoid typing passwords or other secret information during conference calls, Kaspersky experts said.
"For many reasons, we recommend using two-factor authentication — it protects well against various password compromise scenarios," it added.
2FA protects your accounts by requiring an extra level of verification before logging in – such as a text confirmation.
"Finally, there’s a way to counteract this specific side-channel attack. It’s based on the fact that you have a certain consistent pattern of typing on the keyboard," Kaspersky noted.
"Want to make it harder for those sneaky hackers? Break the pattern: mix up your typing style," it continued.
"Both super-slow and super-fast typing can work wonders."
