Talk Title:

Protect your screen from eavesdropping: don’t forget its power supply

Abstract:

Electromagnetic eavesdropping, also named as TEMPEST threat, is nowadays widely known. The principle of this attack is to collect electromagnetic waves produced by electronic components or systems (e.g., screen, graphic card) and to process them in order to recover the processed data (e.g., the video stream). The advantage of this attack, from an attacker point of view, is to get access to sensitive data without any physical access nor physical or software implant. Furthermore, it is not possible to detect if an electromagnetic eavesdropping is currently running or not, because it is only based on receiving data, there is no interaction between the attacker and the target device.

During the presentation, we propose to detail:

• An explanation of the origin of electromagnetic leakages
• An up-to-date synthesis on electromagnetic eavesdropping threat
• How to protect entities from electromagnetic eavesdropping
• A classical demo on aerial eavesdropping
• A demo, never shown before, on conducted eavesdropping on power supply line Both demos will be based on Martin Marinov’s software TempestSDR. During the first demo, an interception of a computer screen based on the reception of radiated electronic waves due to the use of an unshielded video cable. Then, a second demo will be based on the interception of electromagnetic waves which leak along the power supply line and collected using a current clamp.