Global InformationVan Eck phreaking information
Van Eck phreaking, also known as Van Eck radiation, is a form of eavesdropping in which special equipment is used to pick up side-band electromagnetic emissions from electronic devices that correlate to hidden signals or data to recreate these signals or data to spy on the electronic device. Side-band electromagnetic radiation emissions are present in (and with the proper equipment, can be captured from) keyboards, computer displays, printers, and other electronic devices.
In 1985, Wim van Eck published the first unclassified technical analysis of the security risks of emanations from computer monitors.[1][2] This paper caused some consternation in the security community, which had previously believed that such monitoring was a highly sophisticated attack available only to governments; van Eck successfully eavesdropped on a real system, at a range of hundreds of metres, using just $15 worth of equipment plus a television set.
As a consequence of this research, such emanations are sometimes called "van Eck radiation", and the eavesdropping technique van Eck phreaking. Government researchers were already aware of the danger, as Bell Labs had noted this vulnerability to secure teleprinter communications during World War II and was able to produce 75% of the plaintext being processed in a secure facility from a distance of 80 feet (24 metres).[3] Additionally, the NSA published Tempest Fundamentals, NSA-82-89, NACSIM 5000, National Security Agency (Classified) on February 1, 1982. Also, the van Eck technique was successfully demonstrated to non-TEMPEST personnel in Korea during the Korean War in the 1950s.
While phreaking is the process of exploiting telephone networks, it is used here because of its connection to eavesdropping. Van Eck phreaking of CRT displays is the process of eavesdropping on the contents of a CRT by detecting its electromagnetic emissions.
- ^ Greenberg, Andy (21 June 2020). "Hacker Lexicon: What Is a Side Channel Attack?". Wired.
- ^ Cite error: The named reference
emrwas invoked but never defined (see the help page). - ^ "A History of U.S. Communications Security (Volumes I and II)"; David G. Boak Lectures" (PDF). National Security Agency. 1973. p. 90.