Researchers find ultrasound Internet of Things hacking risks


In a presentation at London's 2016 Black Hat cybersecurity conference, researchers from UCL showed that it was possible to use ultrasound to track consumers across multiple devices. Marketers were already using beacons inaudible to the human ear to activate functions on devices via their microphones, and retailers were using shopping reward apps such as Shopkick to push department or aisle-specific ads while customers were in their stores. The UCL researchers noted, however, the inherent privacy vulnerabilities in these systems, which could potentially use their access to device microphones to spy on conversations or could be hacked to create fake beacons to send malicious or unwanted messages to devices. As a potential new channel for hacking attacks, ultrasound can't carry a lot of data, but even a few bytes can be enough to hack an Internet of Things system and subvert it.

Writer: Sally Adee
Publication: New Scientist

Related learning resources