Scientists at the University of Michigan are using sound waves to identify gaps in the cybersecurity of everything from automobiles to the Internet of Things. By tricking devices using the sound waves, the scientists were able to identify flaws in the security systems; from there, designers could effectively fix these gaps in their cybersecurity.
The technique for determining cybersecurity flaws using sound involves tricking the devices. The hardware sensors on these devices can be misled into believing there is movement where none has occurred. The inertial sensors of 15 different devices were blasted with a set of precise acoustic tones. The sensors read this as movement from an object, even though none had taken place. By studying how the devices reacted, scientists were able to construct a backdoor into their systems — and take control from within.
Different devices responded to the musical assault in a variety of ways. A Fitbit recorded thousands of false steps thanks to a speaker. A music file allowed them to take over the accelerometer used in an Android app to drive a remote control toy car. The examples go on and on, but the results remained the same: music can be used maliciously in the wrong hangs.
But this turns out to be good news: scientists and engineers can now plan an appropriate response should hackers attempt to use music in their digital attacks. The researchers are working to patent their intellectual property; from there, they can find commercial partners and use this information to reverse-engineer new ways to protect you and your devices from harmful attacks. Who knew a little music could be so dangerous?