Researchers discover hacking chips using electromagnetic waves
Not many people think about physical hacking, but rather think of software vulnerabilities and malware. Recently, two researchers, Ang Cui, the founder of Red Balloon Security, and research scientist Rick Housley discovered a way of hacking a processor by using electromagnetic waves to cause a glitch to occur in the hardware.
Also known as “fault injection attacks”, they require physical access to the device but are able to cause a strategic glitch which in turn makes the computer behave abnormally and become exploitable. “The advantage of this technique is that it’s physically non-invasive. You don’t have to touch the device, and you don’t leave any physical marks behind,” Cui says. “There’s no exchange of data at the electromagnetic pulse stage, so this would never be caught by a firewall.”
Cui and Housley eventually found out that using a 300-volt pulse and delivering it to a Cisco 8861 VOIP phone’s RAM 4.62 seconds after startup causes a glitch and gave them access to the debugging portal enabling them to load and run their Secure Boot override protocol in 5 seconds, Although the attack does not require physical contact, it does need to be 3 mm away from the phone therefore proximity is required.