Electromagnetic radiation leaking from the cable between your computer and monitor can be intercepted and decoded by AI to reveal what you are looking at.
Hackers can intercept electromagnetic radiation leaking from the cable between your monitor and computer and decode what you are seeing on screen with the help of artificial intelligence. Such attacks are probably taking place in the real world, says the team behind the work, but ordinary computer users have little to worry about.
The connection between computers and screens used to be entirely analogue, but today they tend to be digital and transmit data in binary along a high-definition multimedia interface (HDMI) cable. Whenever a signal is sent through a wire, there is a certain amount of electromagnetic radiation leakage, and with analogue signals this could be relatively easily read by hackers.
Hackers could view someone’s computer screen by picking up signals from the HDMI cable g-stockstudio/Getty Images |
Attacks that capitalise on this phenomenon are known as TEMPEST after the US National Security Agency’s standard for shielding wires to prevent them. Digital signals are more complex and carry more data in complex formats, which makes them harder to decode even if they can still be easily intercepted.
Now, Federico Larroca at the University of the Republic in Montevideo, Uruguay, and his colleagues have developed an AI model that can reconstruct digital signals that were intercepted from a few metres away. The AI was trained using a set of matching original and intercepted signals.
To measure the performance of the attack, the team used text capture software on the recovered image and compared the resulting text to the original screen image. Around 30 per cent of characters were misinterpreted by the eavesdropping process, but that is low enough that humans can read most of the text accurately, the team says. This error rate is about 60 per cent lower than the previous state-of-the-art attack, the researchers add.
With this technique, hackers could spy on a screen as the user entered personal details, bank log-ins or encrypted messages. Hackers could intercept the signals either by standing outside a building with an antenna that captures images in real time, or by planting a small device that captures images and either transmits them or is recovered physically.
Larroca says such attacks are probably already happening in highly sensitive industrial or government settings – where buildings are sometimes entirely shielded from electromagnetic signals at great cost as a security measure – but that regular users shouldn’t be too concerned.
“Governments are worried about this, [but] I wouldn’t say that the normal user should be too concerned,” says Larroca. “But if you really care about your security, whatever your reasons are, this could be a problem.”
Reference:
arXiv DOI: arXiv:2407.09717v1v