Do Security Chips Defend Against Hardware Attacks?

Summary: This 3-minute article explains how security chips embedded in your devices protect them from hardware and firmware attacks. Learn why these embedded microelectronic components provide vital hardware cyber security for your computer system. For further details, contact DIGIGUARD CYBER SECURITY at 833-33-CYBER (833-332-9237) or visit www.DIGIGUARDsecurity.com to discuss device security and all the cyber defense solutions available to protect your SMB from all types of cyberattacks.

When non-techies think about cyber security, they often think about malware attacks launched through emails, software or fraudulent websites. Most users have anti-virus software to protect against online cyberattacks. However, little attention is given to the built-in security required for computer hardware components and mobile devices. Every aspect of device security is essential to protecting your SMB from malicious attacks. Hackers always find new ways to breach data. Security chips are microelectronic components built into computer circuitry to keep hardware and firmware safe. You might ask, “But why should I worry about this? How can hardware be attacked without my anti-virus software catching it?” The answer is that hackers have devised side channel attacks to compromise system integrity and exfiltrate sensitive data and cryptographic keys at the hardware level.

What Is A Side Channel Attack?

A side channel attack (also called a sidebar or implementation attack) is a technique by which cybercriminals find vulnerabilities to attack by measuring hardware activity, processes, changes and emission coincidences and the various outcomes of such activities. These attacks are sneaky because they don’t go after software or its code and are, therefore, difficult to spot using traditional anti-virus protection. Also, sophisticated side channel attacks can steal data about systems while they are running and not leave a trace. Ironically, as computers become more sophisticated, more new side channel vulnerabilities are exposed to cyber thieves.

There are several common types of side channel attacks. The average user might find these hard to believe:

• Acoustic Attacks – In acoustic attacks, the sounds made by a device can be measured and analyzed. Advanced acoustic attacks can record user keystrokes and discern what they have been typing. In addition, specific data can be gleaned just from the sounds that devices emit. Scared yet? You should be.
• Electromagnetic Emissions Attacks – By measuring and analyzing the electromagnetic fields (EMFs) emitted by targeted devices, high-level hackers can reconstruct other signals they generate. These signals can pass through walls and impact your computer system without any direct contact and are invisible to anti-virus protections.
• Power Consumption – Cybercriminals can make inferences about what the system is doing by measuring the power consumption and timing of a system or its components. Some attacks can adjust the power to increase side channel vulnerability.
• Measuring Timing – By collecting data on the length of time it takes for various operations between components to execute tasks, hackers can analyze the status of a system and make educated guesses as to what processes it is performing.
• Memory Cache Abuse – Computers use memory caches to speed up their overall performance. By attacking memory caches, hackers might gain access to otherwise blocked data.
• Hardware Vulnerabilities – By understanding a system’s physical characteristics, skilled cybercriminals can exploit any data a system retains, even after deletion. Random access memory (RAM) chips are most vulnerable to hardware attacks because they exist to hold data temporarily and, therefore, can lull users into believing they are not the likely targets of an attack.

What Can You Do To Prevent A Side Channel Attack?

SMB cyber security is a team effort. The establishment of employee best practices can help prevent some side channel attacks. Details about your business’s computer system and how it operates should be treated as proprietary information and not divulged to anyone outside your organization. Even within your company, users should only know what they need to know to perform their jobs. When in doubt, the fewer details shared about your system and its functions, the better. There are also a few tricky countermeasures that can be taken:

• Make Noise! – Acoustic side channel attacks can be thwarted by increasing the noise your computer system makes. For example, if you’ve ever been in a crowded restaurant with many people speaking at the same time, you’ve experienced how difficult it is to make out specific conversations. The same basic principle applies to defending against acoustic side channel attacks. Make it harder for the hackers to hear what your system is doing.
• Jamming – A device that emits EMFs can act as a force field of interference. Intentionally adding such a device can hide the radiation fields generated by your computer system.

Device management is an integral part of cyber security. Every device connected to your computer network is a vulnerable endpoint and should be locked down as much as possible. Cybercriminals are constantly working on new approaches to steal private data and hijack systems. To ensure you’ve done everything possible to protect your business’s hard-earned data from side channel and other attacks, consider hiring IT experts to arm you with professional cyber defense solutions customized to your business needs. Keeping up with cyber risks and evaluating your business’s cyber security is essential to keeping your SMB safe from the wide variety of cyberattacks that are launched against small businesses.