Cyber Security Threat Summary:
“A team of researchers from British universities has developed a deep learning model called 'CoAtNet' that can perform acoustic attacks by stealing data from keyboard keystrokes recorded using a microphone. The model achieved an alarming accuracy of 95% in predicting the keystrokes, showcasing the potential danger of sound-based side-channel attacks. The study reveals that even when using platforms like Zoom for training, the prediction accuracy only dropped slightly to 93%, which is still a significant threat.

This type of attack has serious implications for data security, as it can expose sensitive information such as passwords, discussions, and messages to malicious third parties. Unlike other side-channel attacks that have limitations in terms of data rate and distance, acoustic attacks have become simpler due to the prevalence of microphone-equipped devices that can capture high-quality audio” (BleepingComputer).

Security Officer Comments:
The attack process involves recording keystrokes using a nearby microphone or an infected phone's microphone. Alternatively, keystrokes can be captured through platforms like Zoom, where a malicious participant correlates typed messages with recorded sounds. The researchers trained CoAtNet using spectrogram images generated from recorded keystroke sounds, achieving high accuracy after parameter tuning.

Suggested Correction(s):
To defend against acoustic side-channel attacks, users can take several steps. They should consider changing their typing patterns or using random passwords to confuse attackers. Employing sound replication software, along with white noise or audio filters, can hide typing sounds and make it harder for hackers to decipher them. Where feasible, biometric authentication adds an extra layer of security. Also, relying on password managers minimizes manual typing, reducing the risk of exposure. While modifying mechanical keyboards might help, a combined approach using these methods is the key to thwarting acoustic attacks.

Link(s):
https://www.bleepingcomputer.com/ne...ata-from-keystrokes-with-95-percent-accuracy/