Acoustic Attacks Can Disrupt HDDs, Surveillance Systems, and Other Devices

Information security experts have repeatedly studied the so-called “acoustic attack” vector. It has long been known that carefully selected sound waves can cause the platters of hard drives to vibrate. If the sound is played at a certain frequency, resonance occurs, which amplifies the vibration. Since it’s impossible to read or write data while the platters are vibrating, modern systems will pause HDD operations and wait for the vibrations to stop. Otherwise, there’s a risk of damaging the disk surface and losing data.

Perhaps the most famous example of hard drives being sensitive to surrounding sounds is a video recorded by researcher Brandon Gregg back in 2008. In 2017, Argentinian specialist Alfredo Ortega also demonstrated the “HDD Killer” attack, which uses a 130 Hz sound to make a hard drive stop responding to OS requests.

New Research on Acoustic Attacks

A recent report (PDF) on this issue was presented by a joint team from Princeton University and Purdue University. The experts conducted a series of practical tests using a special test bench to see how HDDs operate under the influence of sound waves coming from different distances, angles, frequencies, and durations.

The researchers found it was not difficult to select the optimal frequency and distance to attack each of the Western Digital hard drives they tested (see table below). In their opinion, real attackers would have no trouble doing the same.

“An attacker can play a [malicious] signal either through an external acoustic system or by exploiting an acoustic system located near the target. In theory, the attacker could remotely exploit some software (for example, gain remote access to a car’s multimedia system or a personal device), trick the user into playing a malicious sound attached to an email or embedded on a web page, or insert the malicious sound into widely distributed audiovisual materials (such as TV commercials),” the experts explain.

According to the report, these acoustic attacks, which are essentially a form of audio-based Denial of Service (DoS), could be used in real life to sabotage the operations of various systems, companies, or individuals. The closer the sound source is to the target, the less time is needed to carry out the attack. The longer the attack lasts, the higher the chance it will cause a serious service disruption, potentially requiring at least a device reboot.

Impact on Surveillance and Computer Systems

The researchers note that acoustic attacks on HDDs can be very effective against DVR systems used with surveillance cameras, as well as computers running Windows 10, Ubuntu 16, and Fedora 27.

• For example, an effective acoustic attack on a DVR device takes just 230 seconds. After this time, the system reports “Disk lost!” Even after the attack ends and the system is rebooted, it’s impossible to view video from the connected cameras for the duration of the attack—the recording is interrupted.
• Similarly, a sound at 9.1 kHz played from 10 inches (25 cm) away from a PC case can cause numerous problems, up to and including a Blue Screen of Death (BSOD). The results of these experiments are shown in the table below.

It’s worth noting that the attack doesn’t necessarily have to be carried out from a short distance. According to the experts, this issue can be easily solved by using a more powerful sound source.