In 2020, at the USENIX security symposium, researchers from the University of Michigan (USA), presented the discovery of a rather interesting phenomenon – the possibility of influencing the operation of a microphone, with a laser beam of appropriately selected frequency and power. The discovery is significant enough to enable the issuance of voice commands to smart devices and smartphones without having to be within the range of the receiving device’s microphone.
This makes Google Home or Amazon Echo devices vulnerable to usage by unwanted parties, such as someone directing a laser at the device’s microphone through a window or even from a neighboring building. This is important because these devices do not have speaker recognition enabled by default, so they will accept commands from any person (unlike most phones that only recognize their owner’s voice by default). Moreover, it has been proven that the color of the light does not matter and it does not necessarily have to be a laser beam, but a sufficiently strong and focused light source is sufficient.
This type of solution allows easy access to smart home devices such as air conditioners, smart light switches or even smart door locks. How to protect yourself from such an attack? There are several methods. One suggestion could be… to limit the visibility of the microphone, by for example, turning the device away from the window. However, there are more developed techniques to mitigate these types of attacks, such as forcing the use of a few microphones to verify that the user is in the room. Fortunately, no such attacks have been identified so far.
Source:
