Corporate Spies Can Exploit Computer Lights, Monitor Glow


By monitoring the flashing lights on electronics equipment and the indirect glow from monitors, scientists have discovered ways to remotely eavesdrop on computer data.

The two methods are relatively simple to carry out, but also easy to prevent, according to scientific papers written by researchers in the United States and Britain.

"Data communication equipment, and even data encryption devices, sometimes emit modulated optical signals that carry enough information for an eavesdropper to reproduce the entire data stream," the authors of one paper write. "It requires little apparatus, can be done at a considerable distance, and is completely undetectable."

One study details how flickering light from a common screen reflected off a wall can reveal whatever appears on the screen of a PC monitor.

Computer users who rely on external modems with blinking lights to connect to the Internet are also vulnerable, according to the second paper. Dial-up modems running at up to 56 Kbits/s are at risk. Higher-speed connections using cable modems or digital phone lines appear safe.

This latter paper, entitled "Information Leakage from Optical Emanations," concludes that optical signals from the little flashing LED lights, usually red and dotting everything from modems to keyboards and routers, can be captured with a telescope or long-distance lens and processed to reveal all the data passing through the device.

"Most researchers are interested in more sophisticated compromises of information," says Joe Loughry, the paper's author, who made the discovery as a graduate student at Seattle University.

LED lights, which indicate the status of activities on the device such as data transfer, are easily read from across the room, but also from across the street and even further, Loughry says.

Not every light-emitting piece of equipment is at risk, though.

The vulnerability affects equipment used in low-speed, long-distance networks typically found in proprietary networks, such as bank ATMs, as opposed to higher-speed corporate local area networks, Loughry says.

Some slower modems that use so-called pulse stretching technology are also protected, although this appears to be the unintentional side effect of simply making the lights more visible to the naked eye, he says.

Loughry says he was able to collect a strong optical signal from 20 meters (about 22 yards) using optical sensor equipment that is not very expensive. Someone with a 16-inch telescope could eavesdrop on LEDs from as far away as several kilometers, or beyond a mile, he adds.

Staring Him In the Face

The concept that data can be intercepted from computers is not new, Loughry points out. Since the 1960s, the U.S. government has known about the risk from emanations of radio frequencies from computers and video displays.

"They've known to put sensitive data processing systems in shielded rooms for decades," he says.

Loughry is now a software engineer with Lockheed Martin Space Systems in Denver. He began his research on LEDs in 1994 when he was a graduate student at Seattle University.

"I was working very late one night and waiting for a long file transfer to complete and I was just staring at these lights on the front of the modem and started to wonder if there was anything there," he says.

"I guess it's just one of those things where no one ever stopped to think about it," says co-author David Umphress, Loughry's former academic advisor, who now works as a software engineering professor at Alabama's Auburn University. "This has taken a lot of security researchers by surprise."

The paper has been peer-reviewed and is scheduled to be published sometime this year in the Association for Computing Machinery's scientific journal, "ACM Transactions on Information and System Security," Umphress says.

The researchers submitted their research to the National Security Agency late in 2000.

"They came back about a year later and said 'thank you very much,'" Loughry says, allowing the two to proceed with their scientific paper.

As part of the peer review process, the two became aware of the other optical eavesdropping study, entitled "Optical Time-Domain Eavesdropping Risks of CRT Displays."

Solutions Found In Candles and Black Tape

That paper points out ways to read computer data on the sly, but via indirect monitor light reflected off a surface rather than by viewing an LED light.

"Not even curtains, blinds or windows with etched or frosted glass surfaces--as are frequently used to block views into rooms--are necessarily an effective protection," Markus Kuhn, of Cambridge University, wrote in the CRT paper.

Light from the sun and candles can help diffuse monitor glow so it is unreadable. Monitors using newer LCDs also are not as vulnerable, writes Kuhn. He is scheduled to present his findings at the Institute of Electrical and Electronics Engineers Symposium on Security and Privacy in Oakland, Calif., in May.

With LED eavesdropping, Loughry found a wide range of vulnerable devices, including airport payphones with keyboards, the digital control box of a player piano, a satellite data receiver and a switchboard call data recorder.

"Ironically, it may be the simplest devices--low-speed, obsolete, insignificant parts of a network--that provide a gateway for intruders," Loughry's paper says.

The solutions are easy--locate equipment away from windows, put black tape over LEDs or deactivate them when not in use. Equipment manufacturers also can modify the devices, Loughry says.

In addition, Loughry found that data encryption devices and modems with built-in encryption, like those used by financial institutions on their wire transfer and ATM networks, emit optical signals in unencrypted form.

Copyright 2002 Reuters Limited. All rights reserved.

Republication or redistribution of Reuters content, including by framing or similar means, is expressly prohibited without the prior written consent of Reuters.

Reuters shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.
