Cellphone hacking is practically old news in 2017. From leaked celebrity photos to automated robocalls, the number of cybersecurity issues has long passed the point where one can keep track. In fact, cell phone hacking is so easy that a cursory Google search will reveal numerous how-to guides and step-by-step instructions.
Despite our desensitization to the threat, cell phone hacking is a rampant problem and one that many users are unequipped to handle. But now, a team of engineers with the Ubiquitous Security and Privacy Research Laboratory (UbiSeC) at the University of Buffalo has developed an app to help combat one particularly damaging cyber-threat: voice hacking.
Voice hacking occurs when attackers use a voice-based app or features (like Siri) to record your speech. It only takes a few minutes of audio to effectively replicate your voice and trick even the best of security systems.
To Dr. Kui Ren, a UB computer science and engineering professor and director of UbiSeC, the need for more security was apparent.
“Technology is advancing so fast; we have to think of different ways. The strategy is using multiple lines of defense. We call that defense in depth,” he said in a news release on the UB website.
To that end, UbiSeC and their team of engineers have created a new app that uses, among other things, the magnetometer to help mitigate the risk of voice hacking, identifying the magnetic field that is inherent when a recorded voice is played back over a speaker. So far, the app has proven remarkably successful, according to a report at the 37th International Conference on Distributed Computing Systems.
The prototype is said to be available soon, although no official date has been given. While an ordinary app takes at least six months to develop by a team of six to 10 people, the complicated nature of the security app will likely necessitate more care be taken.
This announcement comes on the heels of a series of high-profile cyber-attacks, including the devastating ransomware attack, which was responsible for shutting down 16 hospitals in the United Kingdom.
Had the ransomware had the same effect in the United States, the consequences could have been tremendous, considering the nation’s shortage of medical facilities (more than two-dozen rural hospitals have closed nationwide since 2013).
The effects of cyber attacks on business have also been keenly felt, especially for small business, 60% of which close within six months of a coordinated cyber-attack.
Unfortunately, there is no easy solution. The only way to combat hackers is to try to anticipate them, to stay one step ahead of their efforts.
“We cannot decide if voice authentication will be pervasive in the future. It might be. We’re already seeing the increasing trend,” Ren said of his own project. “And if that is the case, we have to defend against voice replay attacks. Otherwise, voice authentication cannot be secure.”
But despite the difficulties, it is important to keep trying, because as Ren said, “Hackers are out there, more than you can imagine. There is a whole underground gray market to sell your password and your personal information.”