Hackers are constantly developing new ways to access private data, and it can be tough to keep up-to-date with the latest cybersecurity threats emerging.
One of the most worrying new trends in recent times is AI. Criminals now use artificial intelligence to collect user data and steal private information.
While many of us are worried about what a hacker sees, we must also be mindful of what they hear. New research has shown that criminals can hear what Keystrokes you are pressing to find out what you’re typing. This can lead to passwords and sensitive information being exposed.
This article explains how this process works and, most importantly, how to keep your passwords and personal information safe.
How can you hear a password? Through keystrokes
Keystrokes are essentially the buttons you press on a keyboard. They’ve always been highly sought-after by hackers because knowing what keys are used helps crack passwords, login details, credit card numbers, and other sensitive information.
One method of extracting this information is listening to you typing on a keyboard. Hackers intercept microphones and nearby recording devices, record your typing patterns, and analyze the audio.
As scary as this may seem, it isn’t necessarily a new phenomenon. In 2017, for example, researchers were already experimenting with how the sound of keystrokes could, in theory, help spy on people’s activity online.
These early prototypes had many weaknesses. Firstly, they struggled with eliminating background noise and clicking sounds, making it hard to isolate keystrokes. Additionally, they took a long time to piece together large chunks of information, making them an unattractive hacking method.
But recent advances in AI technology have changed everything.
Recording and analyzing keystroke audio is more reliable and quicker to crack than ever. New research from British universities has revealed how machine-learning algorithms have created a system of identifying which keys are typed with incredible accuracy.
The team developed the research around different recording devices and found that certain devices provided more accurate results. For example, when trained using a mobile phone recording of keystrokes, the algorithm proved 95% successful.
When trained on recordings through Zoom, which used keystroke sounds together with what the user was typing in chats, it was 93% successful.
In this day of remote working, this research is quite scary. It can mean that recording devices like your mobile phone, which might sit idly beside you during your workday, can be a major vulnerability to your cybersecurity.
Equally, “off-the-shelf” equipment like webcams and headsets, many of which have built-in microphones, can be exploited to extract the content of your typing, even
when not in use.
5 ways to protect yourself and your data
Thankfully, you are not defenseless against this type of cyber criminality. Despite emerging AI technology, malware protection tools and software can help protect you and your data from prying eyes and ears.
Below are five simple ways of protecting yourself:
1. Virus scanning
Whether you’ve recently clicked on a bad link or pop-up and want peace of mind as you browse the internet, high-quality antivirus software is essential to keeping your data safe.
Not only does it offer protection in real-time as you type, but you can also scan downloads for viruses, restrict access to unsecured websites, and perform regular checks to ensure nothing is on your system that compromises your microphone’s security.
2. Permissions
Apps and programs regularly need permission to use your microphones and
webcams. For example, it makes sense for your browser to request microphone use if you click into a Zoom meeting.
However, it might be a red flag if you’re doing something else and a program randomly wants the use of your microphone. You should regularly check to see what apps are requesting the use of your devices and when, as it might be an attempt by someone to listen to your typing.
3. Password protection
A strong password is an essential part of cybersecurity. Tips to strengthen passwords include using a variety of upper and lowercase letters, numbers, and symbols. Basically, the longer the password, the harder it is for hackers to crack.
Also, avoid using personal information or phrases, and never use the same password for multiple services. Some of the best malware protection software comes with password management features, which encrypt passwords and populate them
into fields so you don’t have to type them.
4. Two-factor authentication (2FA)
Two-factor authentication is an effective way of ensuring only you have access to your account. When logging into a service, you must verify your identity a second time – usually with a single-use code sent via email or text.
This means that even if your keystrokes are being logged, the hacker cannot do much, as they won’t have access to the verification code to log in with.
5. When not in use – mute or disconnect
Finally, another easy way to limit the chance of criminals listening to your keystrokes is to deny them the opportunity in the first place. If you’re not using your webcam, microphone, or other devices, disconnect them from your PC, or ensure they’re powered off fully. If you’re on a group Zoom or Skype call, be vigilant in muting your microphone each time you’ve finished speaking to hide any sound from your keystrokes. You can also place your mobile phone far from the workspace, ensuring it won’t pick up any
