Security

Acoustic Attacks on HDDs Can Sabotage PCs, CCTV Systems, ATMs, More (bleepingcomputer.com) 72

Catalin Cimpanu, writing for BleepingComputer: Attackers can use sound waves to interfere with a hard drive's normal mode of operation, creating a temporary or permanent denial of state (DoS) that could be used to prevent CCTV systems from recording video footage or freeze computers dealing with critical operations. The basic principle behind this attack is that sound waves introduce mechanical vibrations into an HDD's data-storage platters. If the sound is played at a specific frequency, it creates a resonance effect that amplifies the vibration effect. Because hard drives store vast amounts of information inside small areas of each platter, they are programmed to stop all read/write operations during the time a platter vibrates so as to avoid scratching storage disks and permanently damaging an HDD. Last week, scientists from the Princeton and Purdue universities published new research into the topic, expanding on the previous findings with the results of additional practical tests. The research team used a specially crafted test rig to blast audio waves at a hard drive from different angles, recording results to determine the sound frequency, attack time, distance from the hard drive, and sound wave angle at which the HDD stopped working.
  • by wbr1 ( 2538558 ) on Wednesday December 27, 2017 @11:04AM (#55815555)
    Step 1 - record to SSD
    Step 2 - move to spinning storage (this does not even have to be onsite where the attack is possible)
    Pretty simple way to harden it would seem.
    • That's the way I have my business security camera system set up. The SSD (250 GB - fairly large at the time I bought it) can store about 1.5 days worth of footage, which is transferred to long-term storage either overnight or whenever the SSD gets close to full. I set it up this way not to avoid sonic attacks, but because I was planning to add more cameras in the future and wasn't sure how many concurrent video streams a HDD could keep up with.

      I was originally concerned about the longevity of the SSD,
      • by tattood ( 855883 )
        Does the camera have an SSD inside of it? Or does it transfer over wired/wireless to a remote box that has the SSD/HDD? If the latter is the case, then this attack is useless since the attacker doesn't know where the HDD is physically stored, and any walls between them and the hard drive would make the attack useless.
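
The SSD-first recording setup discussed in the comments above (record to SSD, move footage to spinning storage overnight or when the SSD gets close to full), sketched as an added example that is not code from any commenter. The function name `drain`, the `.seg` extension, the timestamped file names and the 90%/50% thresholds are assumptions; if the long-term disk is missing or returns errors, footage stays on the SSD.

```python
import hashlib
import os
import shutil
from pathlib import Path

def sha256(path):
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def drain(ssd_dir, archive_dir, capacity, high_water=0.9, low_water=0.5, force=False):
    """Move the oldest segments from the SSD spool to long-term storage.

    Runs when the spool holds >= high_water * capacity bytes and stops at
    low_water * capacity; force=True (the overnight run) empties the spool.
    Returns (moved, kept) as lists of file names.
    """
    # Assumption: segment names embed a timestamp, so name order is age order.
    segs = sorted(Path(ssd_dir).glob("*.seg"))
    used = sum(p.stat().st_size for p in segs)
    if not force and used < high_water * capacity:
        return [], [p.name for p in segs]
    target = 0 if force else low_water * capacity
    moved = []
    for seg in segs:
        if used <= target:
            break
        dest = Path(archive_dir) / seg.name
        tmp = dest.with_name(dest.name + ".part")
        try:
            with open(seg, "rb") as src, open(tmp, "wb") as dst:
                shutil.copyfileobj(src, dst)
                dst.flush()
                os.fsync(dst.fileno())
            if sha256(tmp) != sha256(seg):
                raise OSError("archived copy does not match source")
            os.replace(tmp, dest)
        except OSError:
            # Archive disk missing or failing: leave this and newer footage on the SSD.
            tmp.unlink(missing_ok=True)
            break
        used -= seg.stat().st_size
        seg.unlink()
        moved.append(seg.name)
    return moved, [p.name for p in segs if p.name not in moved]
```
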
  • by thebes ( 663586 ) on Wednesday December 27, 2017 @11:06AM (#55815575)

    Sound waves cause vibrations!

    News at 11.

  • by Joe_Dragon ( 2206452 ) on Wednesday December 27, 2017 @11:06AM (#55815577)

    paid for by SSD makers buy now before prices go up to cover our court fees!

  • by Nutria ( 679911 ) on Wednesday December 27, 2017 @11:12AM (#55815643)

    but how practical is this? If you're in close enough to blast the HDDs, you're in close enough to do a lot more than that.

    • Bulk eraser comes to mind, BOFH style.
    • I wonder if that could do it:

      Long Range Acoustic Device (LRAD) G20 Pittsburgh
      https://www.youtube.com/watch?... [youtube.com]

      • by Nutria ( 679911 )

        Insulated exterior walls would attenuate most of it. And a DIY LRAD (a car with ghetto blaster speakers in the trunk) wouldn't be too subtle.

    • It's not because any HDD you wanted to attack in the real world is going to be enclosed in something else, and behind walls of varying thickness and materials, all of which have their own resonant frequencies, and all of which attenuate sound waves. I'm treating this article as FUD and useless, they're just trying to bring attention to themselves (looking for funding maybe?).
    • Sound doesn't just travel through air. It also travels through solids, free of the constraints of the inverse square law. Things like table legs and the frame of a storage rack become an acoustic waveguide, conveying the sound with much less loss (attenuation depends on the frequency and the material). Similar natural 2D waveguides allow scientists to hear whales [theatlantic.com] hundreds of km away.
    • by AHuxley ( 892839 )
      The same type of staff who walk in with usb for https://en.wikipedia.org/wiki/... [wikipedia.org] might also walk in with a malware infected cell phone?
      The trusted user and their now malware infected and "on" cell phone is close enough.

      Leaking electromagnetic emanations give the NSA and GCHQ entire nations' mil/embassy plain text just by being near the decoded plain text being printed.
      A ceiling, wall cavity, tunnel under an embassy.

      France lost its entire diplomatic encryption system in the 1950's to the UK and USA by n
  • by JoeyRox ( 2711699 ) on Wednesday December 27, 2017 @11:14AM (#55815669)
    From the paper:

    We assume that the attacker can generate acoustic signals in the vicinity of the victim device, at frequencies within the audible range (2 - 20 kHz). The attacker can either apply the signal by using an external speaker or exploit a speaker near the target.

    In order to get near the HD the attacker will likely have to pass in front of one or more of the security cameras that are streaming to the HD they're looking to interrupt, which means there will still be footage of them. And if they can get that close to the HD they can just physically destroy it anyway.
    • What if the attackers wear CLOWN SUITS?

    • by AHuxley ( 892839 )
      Re "the attacker" will be trusted staff. They don't have to worry about "security cameras" or "security". They work in the secure area all day.
      Turned by an offer of a better life, bribe, love, blackmail. Just having their cell phone infected after being identified as a worker with clearance.
      An infected cell phone just for that person and mission that turns on when in the secure area of the company or mil site of interest.
  • by Anonymous Coward

    http://www.zdnet.com/article/how-a-loud-noise-brought-a-data-center-to-its-knees/

    • That article describes a completely different and well-documented issue of high-pressure fire suppression systems destroying hard disks due to a massive pressure spike when the gas is released. Modern data center fire suppression systems are designed to ramp up the gas pressure more slowly, to prevent this issue, and given the size of these systems, it's not really an attack you can take on the road with you, unlike the research described in TFA, which looks like it can be performed with little more than a

  • by OzPeter ( 195038 ) on Wednesday December 27, 2017 @11:18AM (#55815699)

    From TFA

    There's little chance of seeing the mass exploitation of real-world devices using acoustic attacks on hard drives, as such scenario is likely impractical due to the multiple criteria an attacker needs to satisfy.

    Nonetheless, acoustic attacks are inherently suitable for targeted attacks against carefully selected critical systems. For example, acoustic attacks can help nation-state sponsored attacks, aid with physical intrusions into secure systems, corrupt or sabotage forensics collection, or even cause loss of human life when attacking HDDs used by medical devices.

    So once again you need physical access in order to perform this "exploit". In which case all bets are off anyway.

    And the whole ATM thing is just TFA author's wishful thinking, and has nothing to do with the actual research paper.

    Just to explore a scenario not included in the research paper, an ATM malware gang can deploy an acoustic attack on an ATM to prevent it from temporarily collecting forensic evidence while fileless malware executes in the ATM's RAM and dispenses cash to attackers. This scenario and many more others exist.

  • "The research team used a specially crafted test rig to blast audio waves at a hard drive from different angles, recording results to determine the sound frequency, attack time, distance from the hard drive, and sound wave angle at which the HDD stopped working."

    Too bad the distance from the hard drive and sound wave angle cannot be determined absent an inside job because, and this is a doozy, the HDD system is almost never located immediately adjacent to the camera.

    Good luck finding one on a real world env

    • by wbr1 ( 2538558 )
      You forget the inside man job.

      Pay a patsy (janitor, disgruntled employee, whatever) on the inside to drop a device onto the DVR (hide it behind, whatever). Trigger remotely when needed, then break in.

      Hell, I have been in many small offices where the DVR is in the managers office, which is often open. Get an 'interview' and attempt to plant the device for later use while waiting for the manager to interview you. Think convenience stores, check cashing title loan offices, any small place that deals with

      • by DRJlaw ( 946416 )

        Yes, if you completely ignore the "absent an inside job" phrase in the material that you failed to quote, then you can claim that I "forget the inside man job."

        But I didn't.

      • if you have such a patsy get him to unplug the fucker rather than trying to place a large obvious device that may fail to disable the drive.
  • by Anonymous Coward

    Researchers have proven that Large Hammers can disable power supplies. Power supplies are integral parts of PCs, Security Systems, and Nuclear Power Plant control equipment.

  • There, fix^H^H^Hgeneralized that for you.

  • ... build your enterprise critical data center right on top of the Seattle fault. And then wait for an earthquake.

  • I don't know why, but the Amiga was the only system I've used that warned against bumps or dropping; due the possibility of the drive heads taking a divot from the platters.

    Someone would slam their joystick on the table and I'd almost panic.

  • Then the culprit would have been U.S. made and deployed technology, used for a false flag operation in order to diminish diplomatic contacts between cuban leadership and newly formed republican leadership in the USA. Something is really fishy around this Washington-based accusation... Cubans? With their 50-year-old bicycles and fifties-era vehicles?
  • ... shredding a Fender on a track.

  • ... could just use a hammer. This is just another non-issue, blown completely out of proportion.

  • by bobstreo ( 1320787 ) on Wednesday December 27, 2017 @02:19PM (#55817271)

    I'm reminded that a $2 laser pointer aimed at the camera is much more effective.

    If you want to spend more money, you can use a high power laser pointer and burn out the camera sensor.

  • Last time I checked most CCTV cameras don't have the HDD sitting with them, also how effective is this likely to be with walls and cases in the way of exposing the HDD, I would think the sound dampening that brings would be pretty significant.
  • We have used spinning hard-drives in audio for decades now in both studio and live production. Studios would not typically expose the drives to continuous levels over 91dB, but it is not uncommon. In live production you can be over 105dB for many hours and I have never heard of anyone having vibration issues.
