Physical Attacks Flashcards
Physical Attacks
Direct attacks on computational devices
Name some Environmental Factors
Electricity, Temperature, and Limited Conductance
Electricity (as an environmental factor)
Computing equipment requires stead uninterrupted power supply
Temperature (as an Environmental Factor)
Computer chips have a natural operating temperature and exceeding that temperature significantly can have sever consequences.
Limited Conductance (as an Environmental Factor)
Computing equipment relies on there being limited conductance in its environment. If random parts of a computer are connected electronically, then that equipment could be damaged.
Eavesdropping
The process of secretly listening in on another person’s conversation
Protection of sensitive information must go beyond computer security and extend to the ______________ in which this information is entered and read.
Environment
What are 3 simple eavesdropping techniques?
- Using social engineering to allow the attacker to read information over the victim’s shoulder (over shoulder)
- Installing small cameras to capture the information as it is being read (via camera)
- Using binoculars to view a victim’s monitor through an open window (look through open window)
What is the commingle referred to name of the direct observation techniques that were named?
Shoulder Surfing
Wiretapping
A form of eavesdropping involving physical connection to the communications channels to breach the confidentiality of communications;
to tap a telephone or telegraph wire or cellular signal in order to get information.
Inexpensive coaxial copper cables where information is transmitted via electrical impulses that travel through the cables.
Danger/Risk of Wiretapping
Because it’s relatively inexpensive, impulse can be measured and can reconstruct the data being transferred through a tapped cable - allowing an attacker to eavesdrop on network traffic.
True/False: Wiretapping Attacks are passive?
True
Why are wiretapping attacks considered passive attacks?
Because there is no alteration of the signal being transferred which makes them extremely difficult to detect; it’s snooping;
Passive Attack
When attacker cannot interact with any of the parties involved, attempting to break the system socket based upon observed data.
Name two type is Signal Emanations
- Radio Frequencies
2. Visible Light
Computer screens emit _______________________ that can be used to ________ what is ____________________.
Radio frequencies
Detect
being displayed
What type of reflections can be used to reconstruct a display from its reflection on a wall, coffee mug, or eyeglasses.
Visible Light
Both ____________________ and _____________________ require the attacker to have a receiver close enough to detect the signal.
Radio signal and Visible light
Acoustic Emissions
An attacker using an audio recording of a user tying on a keyboard to reconstruct what was typed.
Differential Power Analysis (DPA attack)
A side channel attack on smart cards with secure crypto precede or. Each crypto operation requires different power consumption.
a powerful tool attackers used to extract secret keys and compromise the security of tamper resistant devices
(extremely effective, low cost, and widely known)
Side Channel Attack
any attack based on information gained from the implementation of a computer system, rather than weaknesses in the implemented algorithm itself. i.e. DPA
Hardware Keyloggers
Small connectors that are installed between a keyboard and a computer
Keylogger
Any means of recording a victim’s keystrokes, typically used to eavesdrop passwords or other sensitive information
USB Keylogger
A device containing male and female USB connectors, which allow it to be placed between a USB port on a computer and a USB cable coming from a keyboard.