Transduction attacks are a threat to sensors embedded in a variety of devices according to researchers at the University of Michigan and Zhejiang University. A transduction attack would use sound, electromagnetic waves, or electric signals, to trick a sensor into reading incorrect data. Researchers have demonstrated how a cyber criminal could not only cause a denial of service attack, but also control the sensor output itself with malicious analog signals at the same frequency as the sensor. Michael Patterson, CEO at Plixer commented below.
Michael Patterson, CEO at Plixer:
“Small electronic devices such as these vulnerable sensors are taking cybercrime to a deeper, darker level. Pacemakers for example can be altered remotely, resulting in the death of a victim if they are within 35 feet of the hacker. Companies claiming that these devices were designed before they knew about the security risks may not be completely honest. It’s more likely that they didn’t think cybercrime would exploit device vulnerabilities at the current scale. Today however, there is no excuse and yet, little is being done. For example, some automobile manufacturers are shipping cars that can be manipulated remotely to stop abruptly, deploy air bags or lock the doors. Manufacturers give consumers the option to turn some of these features off, but not all of them such as GPS tracking. Manufacturers have been reluctant to compromise profits over the big data collected from all of the additional sensors in new cars. Consumers need to push back on the industry to regain control of actual features installed on their new car.”
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.