Underwater Data Centers Are the Future. But a Speaker System Could Cripple Them.

In 2018, Microsoft plunged almost 1,000 servers more than 100 feet beneath the Scottish sea. No mere stunt, it was a test of bold plans to sustainably meet our growing appetite for cloud computing services. 

By harnessing the natural cooling properties of ocean water, companies hope to dramatically cut cooling costs and emissions. But with the rise of underwater data centers comes a new threat — the potential for attacks targeting critical internet infrastructure hidden beneath the waves.

Now, new research reveals that such an attack could come from little more than a pool speaker playing a high D note.

The new study from a group of cybersecurity and robotics researchers at the University of Florida and the University of Electro-Communications in Japan reveals for the first time a critical vulnerability of underwater data centers: sound. Carried by dense water, and targeting the resonant frequencies of hard drives, sound injection attacks can make servers unresponsive and crash networks. After just a few minutes, some hard drives are even permanently destroyed.

However, the scientists also developed a machine learning algorithm that can accurately identify sound attacks, allowing the system to respond before it crashes. The researchers aim to work with technology companies to improve data center security by safeguarding against attacks before they happen.

The team, led by UF Professor of Computer and Information Science and Engineering Sara Rampazzi, Ph.D., shared their findings on acoustic attacks in a paper presented May 20 at the 45th IEEE Symposium on Security and Privacy, an international cybersecurity conference.

Read more about Underwater Data Centers Are the Future. But a Speaker System Could Cripple Them.