Academic researchers from British universities have developed a deep learning side channel attack that can be used to steal data from keyboard strokes that are recorded using a microphone with an accuracy of 95%. The audio can be recorded from a nearby microphone, or through the device’s own microphone. The keystrokes can also be recorded through a video or audio conferencing call, such as using zoom or skype. Though the prediction accuracy drops to 93% when using zoom and 91.7% for skype. The attack starts by recording keystrokes on the target’s keyboard and using that data for training the prediction algorithm. Such an attack has the potential of leaking sensitive information including passwords to malicious third parties. The attack has proved highly effective even against a very silent keyboard, so mitigations recommended by the researchers include using software-based audio filter and continuing to use strong password as well as two-factor authentication.
https://www.bleepingcomputer.com/news/security/new-acoustic-attack-steals-data-from-keystrokes-with-95-percent-accuracy/
https://www.itnews.com.au/news/keyboard-sounds-can-reveal-secrets-researchers-598899
This segment was created for the It’s 5:05 podcast