With ‘Spectra’, Researchers Highlight Fundamental Design Flaws in Wireless Communications Chips

The Spectra Attack

• In May 2020, the attack dubbed Spectra was developed by researchers in Germany, which takes advantage of the coexistence mechanisms of multiple wireless technologies included on a single chipset.
• This attack works against "combo chips," specialized chips that handle multiple types of radio wave-based wireless communications, such as Wi-Fi, Bluetooth, LTE, etc. By carrying out side-channel attacks, an attacker can steal data from other wireless technologies the combo chip supports.
• The analyzed chipsets include Broadcom and Cypress combo chips, which are used in millions of devices, such as all iPhones, MacBooks, and the Samsung Galaxy S series phones. Other combo chipset manufacturers are likely vulnerable to Spectra attacks as well.
• The researchers did not provide more technical details about this attack, but they plan to present the details in August at the Black Hat 2020 security conference.

Recent groundbreaking discoveries

• In May 2020, a vulnerability dubbed ‘Bluetooth Impersonation AttackS’ (BIAS) was identified in a large number of commercially available Bluetooth devices, including all major vendors selling smartphones, laptops, tablets, headphones, and system-on-chip boards, impacting billions of devices. 
• In February 2020, a serious flaw dubbed KrØØk was found in Wi-Fi chips manufactured by Broadcom and Cypress, which impacted billions of Wi-Fi devices in use. It could cause the vulnerable devices to use an all-zero encryption key to encrypt part of the user’s communication, thus rendering encryption useless.

The bottom line