thermal attack.. when your body heat is used to hack us electronically 2022
Thermal attack is a new term in an old world, the password is a private matter for each user to maintain his privacy and security.
But there are some people who have invented cunning methods to reveal user passwords and hack their privacy; such as simple methods such as peeping or espionage.
and technical methods such as fake pages and viruses, or using certain tools such as "flashback" in stealing passwords, until sensitive technical tools were combined with machine learning techniques to create what is known as a "thermal attack".
What is a thermal attack
Thermal attack is a process that targets both keyboards, touch screens and buttons to find out the entered passwords by the thermal effect left on them; the finger leaves a thermal fingerprint when it touches the screen or buttons, and this fingerprint is detected by the thermal camera, as it remains visible for 60 seconds after contact.
The researchers found that the recently touched keys look more glowing, which makes it possible to determine the sequence of numbers, letters, or even symbols that make up the password, and this is how simple passwords can be detected and stolen, so how would artificial intelligence be used in this process.
Artificial intelligence and heat attack
Computer security specialists have developed a system capable of guessing the passwords of computer and smartphone users in seconds, and this technology works by analyzing the heat traces left by fingers on keyboards and screens.
And they trained an artificial intelligence model to effectively read images and make guesses about passwords in order to phish them.
The "thermosicure" system is one of the most famous systems that rely on artificial intelligence to guess passwords, and access them through thermal images that were filmed in a period between 30 and 60 seconds after the finger touched the surface to be photographed.
The system was developed by a number of researchers from the University of Glasgow to demonstrate how the decline in the price of thermal cameras and the increase in access to machine learning and artificial intelligence technologies lead to new risks.
Through studies conducted by a number of researchers, they found that the thermosecure system was able to detect 86% of passwords when taking thermal images within 20 seconds, 76% within 30 seconds, and drops to 62% 60 seconds after entering the information.
They also found that within 20 seconds the thermosecure was able to successfully guess long passwords consisting of 16 characters, with a rate of up to 67% of correct attempts.
The shorter the passwords become, the higher the success rates; 12-character passwords were guessed up to 80% of the time, 8-character passwords up to 93% of the time, and 6-character passwords were successful in up to 100% of attempts, so this method is a real security threat that must be stopped.
Tools used in thermal attack
The most important requirements for thermal attack thermal camera, as well as machine learning technologies:
- The thermal camera has become easy to find and at a price of up to 225 dollars, it is also easy to use and does not require much experience.
- As for machine learning, it has become widely available and has wide fields; which allows many people to engage in it and master it, and allows people around the world to develop a system similar to the thermosecure system in order to steal passwords.
All these tools need a person to use them, he is the one who holds the thermal camera, monitors the target, shoots the keyboard or screen in order to analyze the thermal image and extract the password. And this is what calls for caution from the people around us, it is they who make these tools effective.
Protection from thermal attacks
Due to the recent proliferation of such attacks, several teams have conducted research and studies on how these systems work and ways to protect against them.
The researchers found that users who type passwords slowly and press their fingers on the keyboard for a long time were more likely to reveal their passwords, as they are guessed more accurately than those who Type their passwords quickly.
On the other hand, the material used to make the keyboard had a significant impact on the system's ability to guess passwords.
As thermosicure can accurately guess the passwords written on the "ABS" plastic keycaps by about 50%, however, the success rate dropped significantly to 14% when using the "PBT"plastic keycaps.
Based on these studies, the best way to protect your passwords from these and any other attacks is to make the password a little long and complicated using uppercase and lowercase letters and numbers with symbols, so that it is difficult to guess in various ways.
The user can also use more secure methods by adopting alternative authentication methods such as fingerprint or facial recognition, which inhibits the methods and methods of thermal attack and enables to keep your privacy away from thieves and hackers.
The technical world is constantly evolving, and some people use advanced and new methods in order to carry out illegal actions such as theft and espionage.
which forces openness and familiarity with all new technologies, knowledge of their mechanism of action and how to protect against them so as to avoid a thermal attack, and what may come after.