Researchers have uncovered a new and alarming method by which hackers can eavesdrop on video content via HDMI cables.
A team from the Universidad de la República in Montevideo, Uruguay, has revealed that it's possible to capture electromagnetic radiation emitted from an HDMI cable and use artificial intelligence (AI) to interpret the video data.
Their research, published on ArXiv, a repository for scientific articles, sheds light on a new threat dubbed "Deep-TEMPEST."
How It Works
The "Deep-TEMPEST" method exploits minor fluctuations in electromagnetic energy from an HDMI signal.
Even though HDMI cables are wired and usually encrypted, they still emit enough electromagnetic radiation to be intercepted without direct access.
According to PCWorld, the AI model developed by the researchers can interpret these signals with surprising accuracy.
While detecting these electromagnetic signals is one challenge, decoding them is another.
By training an AI model, the researchers were able to read the information with up to 70 percent accuracy.
Although this isn’t a perfect replication of the video content, it represents a 60 percent improvement over previous techniques. This level of accuracy is sufficient to potentially steal sensitive information, such as passwords.
The method is based on an older concept known as TEMPEST (Transient ElectroMagnetic Pulse Emanation Standard), which dates back to World War II.
HDMI cables, typically protected by the HDCP encryption system, were not previously considered vulnerable to this type of attack. However, the integration of AI into this technique has drastically altered that perception.
The researchers warn that similar techniques are likely already being used by state actors and industrial spies.
Although the attack requires close proximity to the targeted system, making it less of a threat to ordinary users, it poses a significant risk to government agencies and large corporations with sensitive data.
What You Can Do
While everyday users may not need to panic, organizations with high-security needs should take precautions.
This includes investing in electromagnetic shielding for sensitive work environments, especially for remote employees.
