- FTTH and enterprise fiber connections are at risk of interception – and it’s not the internet traffic you should be worried about
- DAS technology analyses the effects of vibrations (or sound) on laser pulses through fiber cables
- Attackers can exploit this with the help of AI to decipher your conversations
New research covered in Science has revealed the very fiber optic cables which connect billions of households and commercial premises to the internet could actually be used as covert listening devices.
We’ve already seen subsea cables being repurposed, or multipurposed, as environmental sensors and data collection tools capable of detecting ships, earthquakes, underwater drones, anchor drags and more, but it’s now been revealed that previously low-risk fiber optic spying is now a higher risk than ever thanks to AI.
According to the analysis, the attack is most feasible on Fibre-to-the-Home (FTTH) and enterprise fiber connections where cables physically pass closely to occupied spaces, where conversations are most likely to be happening.
AI is now enabling cybercriminals to listen into your conversations
The revelation stems from analysis of a technology called Distributed Acoustic Sensing (DAS), which effectively turns a single fiber optic cable into thousands of vibration sensors spread along its length.
DAS works by sending laser pulses down a cable and analysing minor changes in light reflections. Those changes are caused by sound waves, which cause tiny deformations to the glass fiber – enough to see measurable differences in the light patterns.
“We show that in almost every case where you use these fibers, this could be a privacy concern,” University of Edinburgh geophysicist Jack Lee Smith explained during a presentation at the general assembly of the European Geosciences Union.
The research revealed how an attacker only needs access to one end of the cable and DAS hardware that’s generally commercially available to conduct an attack, which raises widespread security concerns given the proliferation of fiber optics in delivering higher-speed broadband and the fact that fiber had previously been considered far more secure than copper against interception.
It also serves as an important reminder that attackers can also exploit lesser-reported side channels – rather than intercepting the internet traffic itself. Remember, they’re using the physical cable as a vibration sensor to pick up ambient and environmental sounds.
The researchers demonstrated that, under certain conditions and with the help of artificial intelligence, nearby conversations, keyboard typing, television audio and other sounds could be reconstructed.
Real-world limitations do, however, threaten its efficacy as a spying tool. Background noise, signal degradation, cable insulation and network branching all degrade an attacker’s chances of converting distorted light signals into reliable audio.
As for non-attackers, this technology is already being used in the UK to detect underground water leaks. It’s also used globally for pipeline monitoring, perimeter security, traffic monitoring and more, proving that the humble fiber optic cable’s uses span much, much further than just delivering broadband connections.
Smith’s work shows that the real-world threat is still low, with the best efficacy coming from intercepting surface-level, coiled cables placed within five meters of a sound. Burying a cable even by just 20cm of soil is enough to impact the sound quality, as are straight cables (even if they’re at surface level).
However, while the practical risks today remain pretty low, the mere feasibility of the attack combined with the rapid pace of advances in AI suggests that infrastructure deployed today could present a more meaningful security risk in the future.
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds.
https://cdn.mos.cms.futurecdn.net/kFh4YtNQ2LzicE4xxh9m2e-2560-80.jpg
Source link
