Remember all those movies where hackers use artificial intelligence to infiltrate computers and steal confidential files with the finesse of a cat burglar? Well, it turns out that Hollywood might have had a point. A recent study has revealed that the futuristic fear of AI turning into the ultimate hacking tool might be more than just a popcorn-worthy plot because cyber criminals can indeed use the technology to crack your password with alarming accuracy.
A team of researchers from Cornell University, Durham University, the University of Surrey, and the Royal Holloway University of London carried out a cyberattack simulation and came to an unsettling conclusion: AI tools can steal your confidential information and compromise your digital security by listening to your keyboard clicks.
AI password cracking – a new threat?
A recent study, which was published as part of the IEEE European Symposium on Security and Privacy Workshops, investigated the use of audio recorded on a Zoom call and a smartphone placed near the keyboard. The computer scientists involved in the experiment pressed all 36 keys on a MacBook Pro, including letters and numbers. Each key was pressed 25 times each with varying pressures.
Subsequently, the researchers proceeded to train a deep-learning model with the keystroke data collected from the audio recordings. Once the AI model was ready, it was put to the test using the remaining data. The result revealed that the model could correctly identify the keys with 95% accuracy from the phone recordings and 93% accuracy from the Zoom recordings.
In other words, criminals can use AI hacking tools to find out what you are typing away on your keyboard during a call with a success rate of over 90%. This could pose a significant danger to your online privacy and digital lifestyle.
“I can only see the accuracy of such models, and such attacks, increasing,” said Dr. Ehsan Toreini, co-author of the study titled A Practical Deep Learning-Based Acoustic Side Channel Attack on Keyboards.
Unfortunately, hackers have been using audio recordings to crack passwords for quite some time now. However, with artificial intelligence becoming a part of the equation, the accuracy level has seen an exponential increase.
Using audio snooping to uncover passwords is a concept that’s been around for a while.
Read more: ‘Are you a robot?’ Looks like bots are beating humans at this test
Acoustic side-channel attacks – explained
Acoustic Side Channel Attacks (ASCA) might sound like something out of a spy movie, but they’re a real concern in cybersecurity. It involves exploiting the unintentional sounds produced when a person types on a keyboard to decipher sensitive information. The distinct sound of each keypress can inadvertently give away passwords, addresses, bank credentials, or other confidential data.
ACSA is considered relatively uncommon compared to more prevalent forms of cyberattacks, such as phishing, malware, and social engineering. However, the concept of exploiting audio recordings from keystrokes to gain access to sensitive information is a legitimate concern that researchers and cybersecurity experts are actively studying.
How to stay safe from acoustic side-channel attacks
Protecting yourself from potential AI password cracking or ASCA requires a combination of awareness, precaution, and adopting secure practices.
Here’s how to stay safe:
Minimize audio exposure:
Be cautious about typing sensitive information in public places where sound could be recorded, such as cafes or open offices. You can try using noise-canceling headphones or type in a quieter environment to reduce sound leakage.
Employ white noise:
Utilize background noise or white noise apps to mask the sounds of typing, making it harder for potential attackers to pick up distinct sound patterns.
Practice vigilance:
Stay cautious while sharing sensitive data online, whether through email, messaging apps, or web forms. In addition, be mindful of unsolicited requests for personal information, as social engineering attacks can still exploit other vulnerabilities.
Stay updated:
Keep your software, operating systems, and security applications up to date. This helps protect against potential vulnerabilities that attackers might exploit.
Password management
Create strong, unique passwords for different accounts to limit the potential damage even if one password is compromised. You can also use a premium password manager such as PureKeep to save passwords in one secure vault.
Multi-factor authentication:
Enable multi-factor authentication (MFA) whenever possible, which adds an extra layer of security even if someone gains access to your password.
To wrap it up
The fact that artificial intelligence can be used to decipher passwords through keyboard clicks is a stark reminder of the evolving landscape of cyber threats.
The inconspicuous sound of typing, which was once considered harmless, now holds the potential to unveil our most sensitive information. However, as technology continues to advance, so too must our vigilance in protecting our digital lifestyle.
Following best practices, staying updated on emerging threats, and fostering a culture of cybersecurity awareness will allow you to navigate the digital world while safeguarding your online privacy from AI-driven attacks.
For the latest cybersecurity trends, stay connected to PureVPN Blog.
Read more: Navigating copyright infringement in the age of AI
