Electromagnetic radiation is everywhere today. That may sound scary, but most of it is harmless, with Wi-Fi, Bluetooth, cellular networks, and other radio waves serving many vital functions in life and business. However, as the world relies more heavily on these signals, cybercriminals are starting to take advantage of them through electromagnetic attacks.
What Is an Electromagnetic Attack?
An electromagnetic (EM) cyberattack uses EM signals to spy on or interfere with a device. Electromagnetic waves are everywhere — even visible light is a type of electromagnetic energy — and all living things and virtually all electronics emit them. EM attacks target specific wavelengths from devices to access sensitive information, control the machine or disrupt the device’s operation.
One of the earliest examples of an EM attack came in 1985 when computer scientist Wim Van Eck discovered he could spy on computers through EM waves. With just $15 worth of equipment, Van Eck could record unintentional EM radiation from a computer screen and translate it to recreate what was on the monitor. Consequently, he could see what someone was doing on a computer hundreds of meters away.
How Do Electromagnetic Attacks Work?
This early example, later called Van Eck phreaking, takes advantage of unintended EM signals. While many forms of electromagnetic communication are intentional, electronics often give off subtle waves even when they’re not actively communicating with anything.
If someone can pick up on these signals, they can sometimes analyze them to learn what actions caused them. As a result, they can spy on device activity by translating these energy waves.
Cybercriminals can also use electromagnetic attacks to target intentional EM signals like Wi-Fi or Bluetooth. They may tweak these signals to send sensitive information to unauthorized devices or interfere with their operation by controlling some functions remotely or interrupting other functions to stop them from working.
Types of Electromagnetic Attacks
Because EM waves are abundant and serve many uses, electromagnetic attacks come in several forms. Here are some of the most common ways cybercriminals use EM radiation today.
Jamming
Jamming is the most straightforward kind of electromagnetic attack. In these incidents, attackers send signals of a specific frequency to disrupt another electronic device. That can range from stopping it from communicating with other endpoints to overloading its circuits and breaking it entirely.
Every electronic device has a specific electromagnetic compatibility (EMC), which determines its resistance to outside EM radiation while not interfering with other electronics. If attackers send enough signals outside an endpoint’s EMC range, the different wavelengths will disturb one another, getting in the way of regular operation.
TEMPEST Eavesdropping
Other EM attacks use a similar process to Van Eck phreaking. They look at a device’s EM emissions and mechanical and acoustic signals to decode its actions. The attackers can then read text messages, listen to phone calls or see what’s on the screen.
This type of attack is called TEMPEST eavesdropping, named after a U.S. government spy program that used it. While performing these attacks is technologically complex, open-source software tools make them easier. Consequently, they could rise in popularity — especially as a way to target Internet of Things (IoT) devices.
GhostTouch
Security researchers have recently discovered another way cybercriminals can use EM attacks called GhostTouch. Instead of spying on users through EM radiation or interfering with radio signals, GhostTouch emits EM waves to control touchscreens without physically touching them.
Because the touchscreens in many modern phones are capacitive — meaning they respond to electrostatic signals from users’ fingers instead of pressure — they’re sensitive to EM radiation. Researchers could use that sensitivity to control nine phone models without touching them. That includes answering phone calls, pressing buttons, and entering passwords.
COVID-bit
COVID-bit is another recently discovered type of electromagnetic attack. This attack method uses EM signals to send sensitive data from air-gapped devices to other endpoints two or more meters away despite not being connected to the internet.
Attackers must first physically access the air-gapped device to perform these attacks. Once inside, they can install malware that EM radiation from the computer’s power supply. From there, cybercriminals can come back with a smartphone or laptop to receive these signals and spy on any activity on the device.
Dangers of Electromagnetic Attacks
These electromagnetic attacks aren’t necessarily common compared to other attack methods but present a significant threat. Because EM radiation is so common, stopping or controlling the wavelengths attackers take advantage of can be tricky. Similarly, these attacks may not always stand out because EM waves are subtle and already all around.
While EM waves open several opportunities for cybercriminals, businesses can’t reasonably cut out all electromagnetic communications. Many critical processes depend on these signals. Experts expect more than 29 billion IoT connections by 2030, too, suggesting electromagnetic waves will play an even more critical role.
As the world’s reliance on EM communication grows, attacks targeting these waves will become more disruptive. Given that severity, electronics developers, security teams, and users must pay attention to these growing threats.
How to Defend Against Electromagnetic Attacks
Electromagnetic attacks are concerning, but they’re not impossible to defend against. Here are some steps businesses can take to stay safe.
Implement Electromagnetic Shielding
The most straightforward way to protect against EM attacks is for device manufacturers to install electromagnetic shielding in their products. EM shielding covers components with restricting materials to limit electromagnetic radiation from entering them. Many devices already feature these systems to improve their EMC, but expanding them will help defend against EM attacks.
Electromagnetic shielding does have a downside in that it can limit device performance. However, newer materials and designs are far better at shielding components while enabling desirable EM communications. More research in this area could make these defenses more practical.
Restrict Physical Access to Devices
Another important measure is to limit people’s physical access to critical devices. While many EM attacks act remotely, they must be reasonably close. COVID-bit requires physical access to install the EM-emitting malware, and GhostTouch only works when attackers are right next to their target. Restricting who can get close to work computers and other devices will help prevent these attacks.
Businesses should keep critical electronics behind locked doors and use a keycard system for entry to track who accesses the room at what time. Home users don’t have to worry as much, but it may be a good idea to review security camera best practices to monitor access to home offices.
Tighten Data Access Controls
Device manufacturers should also implement tighter controls around access permissions. Computers, phones, and similar gadgets should require users to verify their identity before letting them perform high-risk actions like sharing sensitive information or changing passwords.
Before accessing or moving sensitive data, an extra verification step will make electromagnetic attacks less effective. Even if a cybercriminal uses EM waves to control the touch actions on the phone, for example, they’d be unable to access anything sensitive through these signals.
Monitor for Attacks
Finally, security teams should watch for EM attacks. Monitoring for unusual spikes in wireless communication or power supply activity can help find and respond to incidents before they cause much damage.
Artificial intelligence is an ideal security monitoring tool, thanks to its accuracy and speed in recognizing patterns. Consequently, it can help security teams watch for EM attacks when businesses lack the staffing numbers or expertise to do it manually.
Cybercrime Is a Large and Always Evolving Field
Cybercriminals are continually coming up with new ways to target devices. EM attacks are an excellent example. As security trends shift, businesses should stay on top of the emerging ways their technology may be vulnerable so they can adapt and stay safe.
Electromagnetic attacks could become a significant threat as more cybercriminals take advantage of them. Recognizing these threats is the first step to defending against them, so staying on top of these developments is essential.