Wednesday, November 5, 2014

The Latest Hacking Craze - Old Attacks - New Technology

SLC Security provides an SDR course for beginners. What is an SDR you ask? SDR stands for "software defined radio". No longer is it the craze to go and buy or construct a tinfoil hat in 2014. In fact even if you did there are still ways to pickup very tiny signals, in much larger signals (trace signals) that used to be nearly impossible. OK, OK enough of the rambling.

One vector we are starting to see from hackers is definitely old technology. Remember TEMPEST? Well if you don't know anything about it, let me just say it's the unintentional transmission of signals from devices that are not properly shielded. Or in some cases that can't be shielded due to their design.

Everything with electrical energy passing through it has some sort of emission. Some devices such as transmitters are designed to emit this RF energy, some things like your computer monitor or your USB keyboard are not (but they do). Utilizing $20 USD in equipment it is possible to capture keystrokes and recover the text being typed at around 85% accuracy. It's possible to get about 80% of your monitors pixels also from the same methods and while the picture may be fuzzy it is somewhat readable.

Don't believe me? Well you don't have to. Here's something you can play with if you have a monitor and an AM radio. That's right your computer monitor likes to transmit AM radio...

Download "Tempest for Eliza" and give it a shot. I think you will have some fun with it. Then when your done call us and we can show you how we can recover your works screens during an audit from 21 feet away, through a wall from a parking lot, another floor, etc, etc. Oh and don't get us started on some of the lovely Cisco equipment out there that is inexpensive. That wireless router is leaking like you wouldn't believe (and not on the intended frequencies either).

We have so much fun doing our jobs. It's nice to take a break and get silly from time to time.

SLC Security Services LLC is licensed for Counterintelligence Service in the State of North Carolina. We operate in all 50 states and are available for TSCM related sweeps and consulting, RF engineering and Satcom Engineering work. Call (919)441-7353 and request to talk to a TSCM tech.

No comments:

Post a Comment