Researchers at the University of California, Irvine have discovered that the safe operation of a negative pressure room—a space in a hospital or biological research laboratory designed to protect outside areas from exposure to deadly pathogens—can be disrupted by an attacker armed with little more than a smartphone.
According to UCI cyber-physical systems security experts, who shared their findings with attendees at the Association for Computing Machinery’s recent Conference on Computer and Communications Security in Los Angeles, mechanisms that control airflow in and out of biocontainment facilities can be tricked into functioning irregularly by a sound of a particular frequency, possibly tucked surreptitiously into a popular song.
“Someone could play a piece of music loaded on their smartphone or get it to transmit from a television or other audio device in or near a negative pressure room,” said senior co-author Mohammad Al Faruque, UCI professor of electrical engineering and computer science. “If that music is embedded with a tone that matches the resonant frequency of the pressure controls of one of these spaces, it could cause a malfunction and a leak of deadly microbes.”