In a previous article, we discussed whether the printer you have connected to your computer can be a security risk to your data. A printer, especially a wireless one, is a terminal that can still be utilized by attackers to gain access to your data. We also discussed how to best secure your printer and protect your data better.
In this part, we are going to focus on another part of your computer that could potentially be exploited in attacks: power supply unit or PSU. A PSU, despite being a low-level device in a computer setup, can be exploited to run certain types of attacks. Is your PSU secure? How you prevent relevant types of attacks? Let’s find out, shall we?
Hacking Air-Gapped Systems
The concern over whether PSUs can be used in hacking attempts was first raised by a security researcher, Dr. Mordechai Guri, who was conducting studies on whether data from air-gapped systems could be extracted using unconventional means. The research revealed that PSUs can be used to create covert acoustic channels.
The way this attack is done is by turning PSUs of a computer system into speakers that buzz in certain frequencies. The frequencies are well within the operating range of power supply units, hence the method is classified as difficult to detect.
An exploit that does this was developed and tested. That exploit is capable of switching operating frequencies of power supply units and generating waveforms from capacitors and transformers. By doing this, the waveforms can then be used to transmit data the same way it is used to transmit timecodes in video equipment.
Limitations and Other Attacks
The acoustic method is very clever in transmitting data using soundwaves, but it has its limitations. For starters, the accessible frequencies can only transmit data at 50 bit/second. To put that in context, transmitting a 10,000-word text file using this method would require approximately an hour.
At the same time, the exploit’s ability to change frequencies and operating parameters of PSUs presents a danger on its own. That exploit can also be used to take PSUs beyond their operating parameters, resulting in power disruptions.
For example, a section of the PSU that supplies power to physical terminal locks can be made to ping the lock using pulses and disable the lock completely. The dangers imposed by this type of attack, combined with physical access to data centers, are significant.
Risk for Home Users
For home users, the risk imposed by attacks on PSUs is fairly minimal, although a significant attack can still damage your computer system. Fortunately, you can find power supply units with the best capacitors for power supply filtering. Top brands that use capable capacitors and transformers are also adding additional layers of current and frequency management for added safety.
As long as you have a high-quality PSU powering your PC or other computer systems, you are protected. Besides, a good PSU protects the lifecycle of your computer parts better by supplying stable and reliable current.
The post Could Your Power Supply Be a Security Risk to Your Data? Here’s What You Should Know appeared first on CyberDB.