How Sound Wave Technology Can Hack Your Smart Phone

As if cybercriminals didn't have enough hacking tools at their disposal, here's another they can add to their toolset: sound waves. Yes, you read that right-sound waves. This sounds like something right out of Planet of Apes, circa 1970, doesn't it?

According to research conducted by the University of Michigan and the University of South Carolina, sound wave technology can be used to disrupt motion sensors found in Fitbits, smart phones and even self-driving cars. Through their research, teams from both schools learned that they could affect accelerometers by "spoof[ing] various environmental stimuli using acoustics."

University of Michigan computer science and engineering PhD student Timothy Trippel said the research groups "were able to not only disable systems with acceleration sensors but [they] could control their output in a way that would alter the behavior of systems that use these devices." The researchers first found that they were able to add fake steps to a Fitbit fitness monitor. Next, by playing a "malicious" music file from the speaker of a smart phone to control the smart device's accelerometer, the research teams were able to mess with other software on the phone, such as a mobile app used to control a Bluetooth-controlled toy car.

It's often thought that hackers are more interested in gaining access to user laptops and desktops, but cross-device cyberattacks are becoming more mainstream. Remember the Dyn cyberattack in October 2016? Hackers were able to shut down highly trafficked sites like Netflix, Spotify, Amazon and Twitter through internet-connected devices, also referred to as IoT. By being able to infiltrate one IoT device, cybercriminals can infiltrate every other device. The research teams discovered this same manipulation can be done through sound wave technology. If a hacker could manipulate the accelerometer on a Fitbit, they could potentially do the same for a self-driving vehicle.

After having located these technological vulnerabilities, the research teams developed software that could help combat sound wave cyberattack.

Protecting Your Data
If a cybercriminal wants to infiltrate your network, they will stop at nothing to do so. Cybercriminals get to work on finding security flaws in software and app developments they day they are released. Without a cybersecurity plan, your private data won't just be stolen, it will be manipulated and modified to read inaccurately. If for example, you are a medical professional tracking your patient's exercise regimen, getting an accurate reading on their level of fitness and where they need to improve is crucial to their care. If a cybercriminal scrambles the numbers without your knowledge, it could prove harmful to your patient's health.

Incorporating cybersecurity measures and backing those measures up with a cyber insurance plan would protect your patient/client and your clinic/business from the nefarious dealings of a cybercriminal. Research has shown that it is vital to equip yourself with preventative cyber tools to keep your data private. If you don't take your cybersecurity seriously, no one else will.

Prepare for a cyberattack before it strikes, get cyber insurance when you visit CyberPolicy.

© 2016-2020 CyberPolicy, Inc. All rights reserved. CyberPolicy®, "Plan. Prevent. Insure."™, and "CyberCheckup"™ are trademarks of CyberPolicy, Inc.
DBA: CyberPolicy Insurance Solutions CA License No. 0L13180
DBA: CoverHound Insurance Solutions CA License No. 0H52375