We often talk of Network security in the context of
networked computers. In the present days of wireless connectivity we also
understand that network connection can be established without a wired
connection.
But a question which is now doing the rounds is "Is it
possible to manipulate a computer through electro magnetic impulses sent from a
distance" without any network connecton.?
I reproduce here an extract from iwar.org.uk which provides
some revealing information on this aspect.
"....Your computer screen emits radiations, even with the
strictest standards (civil), and it is possible, with the adequate equipment,
to reconstitute the contents of your remote screen. This technique was
employed by the FBI during the monitoring of Aldrich Ames, a KGB agent found
within the CIA.
The term used by the American army to describe this
technology is TEMPEST monitoring. Equipment protected from this type of
listening is known as TEMPEST certified. The standard defining the
details, such as the quantity of emitted radiations authorized, in order to
avoid any detection is classified. In the United States, it seems that the use
of the TEMPEST monitoring is possible by the government without court
authorization whereas it is illegal, for a private individual or a
private company, to protect himself !
If the design of such equipment is within the range of a
team of engineers, then it is extremely probable that bad guys can also
procure such equipment without problem to devote themselves to criminal
activities...."
The Tempest (Transient Electromagnetic Pulse Emanation
Standard))devices come in the form of a Card that can be
installed in the computer and are expected to be available for around USD
1000 in the years to come.
It is understandable that the CRT monitors which work on
electromagnetic radiations may be susceptible to spying and if so for
manipulation of the information display. (It is interesting to note that even
the LCD monitors also emit Electromagnetic radiations which can be picked up
from a distance.)
However it is not clear if electro magnetic radiations have
been succesfully used to say erase the data on a hard disk from a distance
though it is not difficult to imagine such a possibility.
The next question that arises is "Whether such intervention
can be controlled so that a specific data string can be created on a remote hard
disk.".
Since Key Boards are also said to emanate electromagnetic
radiations, it should theoretically be conceded that by identifying and
simulating the electromagnetic radiations emanating from a Key Board there may
be a possibility of controlled modification of data in a computer.
It would be a challenge for security specialists to protect
computer data from such invisible remote attacks referred to as Van Eck
Phreaking.
Naavi
November 16, 2004
Related Article:
Is It Possible to Eavesdrop on Electromagnetic Radiation?..Slashdot.org
Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?
Soft
Tempest: Hidden Data Transmission Using Electromagnetic Emanations
The
Complete, Unofficial TEMPEST Information Page
TEMPEST Attacks Recreating data from electromagnetic
waves
