Imagine a movie set in a top-secret bioweapons lab. A villain in a bunny suit steps into the facility’s inner sanctuary. This is one of the biosafety rooms where only the most infectious and deadly microbes are dealt with. Tensions build as he pulls out the phone. I’m sure he’ll use it to influence dramatic hacks or activate explosive devices. Are you a villain?
After all, perhaps those who read the new paper Possibility of hacking biosafety rooms using musicThis work was done by researchers at the University of California, Irvine [Anomadarshi Barua], [Yonatan Gizachew Achamyeleh]When [Mohammad Abdullah Al Faruque]and negative pressure chambers found in facilities of all kinds, but are of particular concern where they are used to prevent pathogens from escaping throughout the world.
Negative pressure rooms use sophisticated HVAC systems to keep and maintain a low indoor pressure relative to the outdoors. Control systems for such rooms rely on differential pressure sensors that detect the pressure difference between two ports separated by a thin diaphragm. Diaphragm deflection due to a pressure difference between two ports can be sensed either capacitively or piezoresistively.
The problem is that diaphragms tend to have resonant frequencies in the audible range, making them vulnerable to spoofing. Several different commonly used sensors were evaluated with audio frequency sweeps, showing a resonant sweet spot between 700 and 900 Hz. This is a great way to embed audio into his tracks, allowing attackers to hide out of sight or even in sounds. Tweaking the sensor at this frequency could allow the control system to make adjustments and remove the air and the pathogens it contains from the room. You can imagine the rest.
We’ve come to like finding and reporting some of the strange side-channel attack vectors, such as: potato chips bag When clicky keyboardThis attack is particularly terrifying because it looks plausible and is much more risky.
Featured Image: Steve Zylius / University of California, Irvine