Attacking networks using electromagnetic interference
According to a report in Defense News, the Intelligence and Information Warfare Directorate (I2WD), a research section of the US Army, is looking at ways of using electromagnetic waves to infiltrate sealed networks. The report states that the army is running the Tactical Electromagnetic Cyber Warfare Demonstrator programme with objectives which include both extracting data from and injecting data into sealed cable networks.
Such capabilities would, for example, make it possible to inject a government trojan into a network by briefly parking a vehicle in front of the building housing the target network. This could in theory also be achieved using an unmanned aircraft flying over the target building. Networks used for critical activities are usually sealed off from the outside world, meaning that injecting a worm requires physical access to the network.
Iran's uranium enrichment facility at Natanz, for example, was infected using a specially prepared USB flash drive containing the Stuxnet worm. In response, such drives were banned from the facility. The use of USB drives is also banned in many other critical areas. Injection using electromagnetic radiation would therefore provide a welcome alternative – and not just for the US government.
According to Defense News, its expert sources have led it to understand that the relevant technology already exists and is sufficiently light and compact to be carried by a single individual. There are, however, still significant range and bandwidth limitations. The transmission system has to be very close to the target network and transmission of complex data still takes a long time. For confidentiality reasons, the unnamed expert did not wish to provide the magazine with further details, making it hard to assess the reliability of their statements.
The idea that electromagnetic emissions from electronic devices can be used for espionage is not new – the NSA has been carrying out research in this area for decades under the code name TEMPEST. Such eavesdropping is based on the principle that cables in electronic devices also act as antennas, broadcasting the data transferred over them. Eavesdropping attacks on keyboards and monitors using this technique have already been demonstrated.