AI can snoop on your computer screen using signals leaking from HDMI cables — researchers develop new AI model that enables using antennas for long-range attacks

News
By
published

Signal interception can be a problem, but not for most home computer users

Hacker
(Image credit: Shutterstock)

Researchers in Uruguay have uncovered a way for hackers to use AI to snoop on what’s shown on your display by intercepting leaked electromagnetic radiation from the cable between your computer and monitor. They say such attacks are probably already happening, but home PC users don’t have much to worry about. The attacks can be done through multiple methods, including by using antennas placed outside a building to intercept signals from HDMI cables.

The spying is done by intercepting the electromagnetic radiation that leaks from your computer’s HDMI cable. Such snooping was much easier in the days of analog video signals, they say, because the digital transmission used for high-definition video is much more complex.

More complex, but that doesn’t mean the task is impossible. According to Federico Larroca at the University of the Republic in Uruguay, he and his team have developed an AI model that can reconstruct digital signals from leaked signals several meters away.

The U.S. National Security Agency (NSA) and NATO call these sorts of attacks TEMPEST attacks. The NSA’s TEMPEST standards (PDF) mandate protections to prevent electromagnetic radiation that hackers might intercept and interpret.

Using a method similar to the one Larroca’s team developed, hackers could snoop on a screen as the user entered encrypted messages, banking log-ins, or other personal information. The hackers could, the team says, intercept the signals even standing outside the building with an antenna. They could also plant a small device that captures the signals and either transmits the data or someone recovers it physically.

The researchers trained the AI model using a set of matching original and intercepted signals. Then, they used text recognition software on the recovered image and compared it to the original screen Image. In their testing, the eavesdropping process misinterpreted approximately 30% of the characters. The team says that the error rate is low enough that humans could still read most of the text accurately.

What’s concerning is that such attacks are growing more successful. The previous state-of-the-art attack method was about 60% more prone to errors than the one Larroca’s team has devised. The silver lining is that Larroca doubts the average home or small business computer user needs to worry about it.

Instead, Larroca believes such attacks are already happening, but only in highly sensitive industrial or government settings. In these cases, entire buildings are often shielded from electromagnet signals to prevent such security breaches. “Governments are worried about this, but I wouldn’t say that the normal user should be too concerned,” Larroca said. “But if you really care about your security, whatever your reasons are, this could be a problem.”

Jeff Butts
Jeff Butts
Contributing Writer

Jeff Butts has been covering tech news for more than a decade, and his IT experience predates the internet. Yes, he remembers when 9600 baud was “fast.” He especially enjoys covering DIY and Maker topics, along with anything on the bleeding edge of technology.

7 Comments Comment from the forums
  • derekullo
    Moral of the story is to always have Baby shark playing on a few monitors of your house at all times to thwart eavesdroppers!
    Reply
  • COLGeek
    I find this amusing. Many years ago, the US DoD was concerned about similar "eavesdropping" of system digital emissions. Technically, there was some risk and there were actual mitigation strategies.

    However, my argument was more practical (largely because of cost, weight, performance impacts, etc). If the bad guys were that close, we should be more worried about "terminal lead poisoning".

    While the AI aspect of the article is novel, the overall issue is not.
    Reply
  • GoofyOne
    No mention of Display Port?? DP signals are actually higher level than HDMI aren't they? So there would be more electromagnetic radiation from those cables.


    {GoofyOne's 2c worth .... which may or may not be actually worth 2c}
    Reply
  • edzieba
    There have been existing techniques for grabbing display images from EMF emissions from VGA, DVI, DP, and HDMI (AKA jacked-up single-link DVI) as long as those interfaces have existed. Throwing the AI buzzword at it is pretty pointless.
    Reply
  • ex_bubblehead
    Having dealt with Tempest for many years this is NOT news. The KGB sitting in vans parked across the street from the target was recreating CRT displays from unshielded monitors many decades ago so this is absolutely nothing new at all.
    Reply
  • Li Ken-un
    Finally! HDCP can be used in a way that isn’t solely to stymie consumers from using their own property!*

    (* They’d still be looking at risks like electromagnetic radiation from other sources including the display itself.)
    Reply
  • GoofyOne
    What about optical HDMI cables? I suppose they would still shed a bit of electromagnetic energy at the connectors.

    Well that's it isn't it ... the ultimate conclusion everyone is coming to is that Tom's Hardware should get a kit and test out a whole bunch of cables :)


    {GoofyOne's 2c worth .... which may or may not be actually worth anything at all}
    Reply