Pillow Talk – The Side-Channel Attack

14 Jul

It’s an accepted fact that no one would hand over their sensitive information and data to a stranger or criminal knowingly. But what if you’re doing just that each time you use your computer and are simply unaware of what information it’s spewing out, behind your back (or behind the scenes!)?

Let’s talk about what it is exactly that your computer might be doing behind the scenes, that may (in fact it will) lead to a side-channel attack.

What is a “Side-Channel Attack”?

A side-channel attack is quite simply your computer’s inability to keep a secret. Your computer might be giving away just a little too much information which to the average human would prove uneventful, but to a cybercriminal, is gold!

Side-channel attacks are quite smart in that a hacker can learn to read and make use of the little ‘tells’ and patterns in the information given off by every device.

Take for example the electric emissions on your computer’s hard drive and monitor. Different emissions are given off depending on what information is being processed by the hard drive or displayed on the screen in the way of time, power, sound. A side-channel attack by a clever hacker exploits these physical effects to gain the secrets in the inputs and outputs of the algorithms.

Consider the burglar who uses a stethoscope to open a safe by listening for the telltale clues in the dial clicks. The unintentional tactile and acoustic clues given off by the safe’s mechanical physics are the same as a side-channel in your computer. Each uses different techniques to process and learn the secrets within.

The Modern Hacker is Smarter Than We Think!

Many people see online criminals as dodgy individuals who send out poorly worded emails complete with bad spelling, simply taking a chance and preying on the weak.

In reality, the modern hacker and online criminals are far smarter than that… in fact, they’re incredibly sophisticated these days.

Remember all those years of study that you put in to become an expert in your field and in preparation for your career? Well, a cybercriminal is constantly analysing and refining his ‘skills’, searching for new techniques to decrypt and steal data. This means that they are always getting better at getting what they want – which is usually your personal information and your hard-earned money!

Any information that is accidentally leaked can be used for evil deeds by a skilled hacker and this unintended information is being sent back and forth constantly. If the simple sound of a person typing in their banking particulars on a computer keyboard can reveal an inner layer, imagine how much more information can be acquired if a hacker gains access to your mobile phone microphone or camera.

How to Avoid Side-Channel Attacks

There are several ways that cybersecurity experts can help you to avoid a side-channel attack. In most instances, randomisation is used to ensure the order of operations on data is constantly changing. Pre-charging registers and buses to minimise the generation of power-leakage signatures is also often used. Some companies go as far as processing regular dummy operations to reduce the effectiveness of cybercriminals when it comes to signal-to-noise ratio attacks.

It’s a good idea to ensure that you don’t actively store sensitive data on your device just in case a cyber-criminal gains access to it. Encrypted data backups can help with this. You should also make sure that your passwords are regularly changed and that you activate two-factor authentication, to ensure an extra wall of defence is in place.

Ready to start protecting your data and take the required steps to do so? Contact us at Soteria Cloud today.

Comments are closed.