“Tempest” Is it an urban legend? April 21st, 20:07
"The time was 1962. A U.S. military officer stationed in Japan was patrolling around a cryptographic center that handles confidential military information. One day, I suddenly went to a Japanese hospital across the street from the center. When I turned my eyes, I saw a suspicious antenna. The next day, the antenna disappeared. "
This is a sentence explaining the information theft technology that was said to have been actively used in intelligence activities during the Cold War.
The technology called "Tempest" steals information by intercepting and analyzing the leaked electromagnetic waves.
It is said that the risk of information around us being stolen by the technology is secretly increasing now that Corona is a disaster.
(Science and Culture Department Reporter Soichiro Kurose)
Electromagnetic wave intelligence warfare in Japan during the Cold War !?
The text introduced at the beginning is a part of the text for communication interceptors issued by the US NSA = National Security Agency, which was declassified in 2007.
Looking at it in a little more detail, there is the following description.
"The time was 1962. A U.S. military officer stationed in Japan was patrolling around a cryptographic center that handles confidential military information. One day, he put it on the wall of the hospital garage across the street. I found a suspicious antenna that was wired in. Immediately after contacting the NSA = National Security Agency through the Army, I was instructed to investigate. However, the next day, the antenna had disappeared. There were a lot of antennas, but only those antennas were clearly facing the crypto center. "
This treatise was written in 1972 during the Cold War.
Although it is not clear, the suspicious antenna aimed at the US military cryptographic center was thought to have been intended to intercept the contents of the communication by reading the electromagnetic waves emitted by the enemy country from communication equipment.
Information is stolen by reading electromagnetic waves leaking from communication devices.
At this time, this technique was named "Tempest".
Originally, the word Tempest means "storm" or "storm".
There is a theory that it took the English acronym meaning "electronic device protected from leaked signals", but there is also a theory that the NSA simply called it as a code name.
Pay attention to the danger of "Tempest" in Corona
About half a century later, this January.
At the Information Security Society of Japan, an announcement was made that the risk of Tempest was increasing in our immediate surroundings.
"Speakerphone"
A device that integrates a small speaker and a microphone that are used by connecting to a personal computer.
It is said that this device, which is increasingly used for web conferencing, may be targeted as teleworking at home is prolonged due to the corona virus.
A research group of Professor Yuichi Hayashi of Nara Institute of Science and Technology bought commercially available speakerphones and investigated the electromagnetic waves leaking from them.
Then, it was found that sound information was included in the leaked electromagnetic waves in some models.
The sound that can be heard is the vibration of air, and at the number of vibrations per second = hertz, humans can hear from 20 hertz to 20000 hertz.
However, electromagnetic waves oscillate much faster, in the megahertz = 1 million hertz range, and are usually inaudible to the human ear.
In the experiment, a voice reading the English lyrics of Mary's sheep was played from the speakerphone.
Then, an antenna was installed at a remote location, electromagnetic waves emitted from the speakerphone were received, analyzed by a personal computer, and reproduced as voice.
Then, although the quality was lower than the original voice, I was able to hear the words with the sound quality of listening to a noisy radio.
Of the eight models of commercially available speakerphone products used in the experiment, six models from six companies were able to reproduce voice information.
The frequency of electromagnetic waves varied depending on the model, but was in the range of 3 to 6 MHz.
Electromagnetic waves could be received and reproduced as voice even at a distance of up to 25 meters.
Even if you couldn't hear it, you could "listen" to the audio information with electromagnetic waves.
Professor Yuichi Hayashi, Nara Institute of Science and Technology
"I was very surprised that the audio information contained in the electromagnetic waves could actually be reproduced clearly even at a remote location.
Electromagnetic waves were emitted from converters that convert digital audio signals sent from personal computers to analog, and then amplifiers that amplify the signals.
The voice of the speakerphone is exchanged as a digital signal, that is, 0 or 1 information through the Internet line.
However, in order to output sound from the speaker as vibration of air that can be heard by the ear, it had to be converted into an analog signal, and electromagnetic waves leaked in the process of converting to that analog.
Even if measures such as encryption are advanced in the digitalization of society, as long as human beings see and hear information with their eyes and ears, the "analog" part is absolutely necessary, and security issues are a problem. Remain.
The research group also conducted experiments on measures to reduce electromagnetic waves leaking from speakerphones.
When placed on a non-conducting material such as wood or plastic and separated from the metal, the radiation of electromagnetic waves was greatly reduced.
Also, in the case of a metal desk, electromagnetic waves were reduced by attaching a clip to the metal connection part such as the USB terminal of the speakerphone and grounding to let electricity escape.
Professor Hayashi warns, "Many people are teleworking, and the risk of Tempest is increasing. Hardware measures are also needed."
After this announcement, some speakerphone makers who could hear voice information by electromagnetic waves have started to consider countermeasures.
"Tempest" of personal computer became a problem 10 years ago
In fact, "Tempest" became a problem even in the early 2000s when personal computers became widespread.
It was pointed out that there is a risk of electromagnetic waves generated from peripheral devices such as monitors and keyboards.
On a personal computer monitor, we were able to reproduce the projected image by analyzing electromagnetic waves at a remote location.
In 2006, an electronic ballot was canceled due to public concern that the content of the vote could be stolen in an electronic ballot held in the Netherlands.
In addition, countries around the world proceeded with discussions at the ITU (International Telecommunication Union), and in 2011, recommendations on test methods and guidelines for information leakage due to electromagnetic waves were issued.
Even in Japan, government agencies have set standards for measures for terminals that handle confidential information.
In the field of defense, measures were taken earlier than this.
Hiroshi Ito, chief researcher of the National Institute of Information and Communications Technology, who was the first captain of the System Protection Corps, a cyber warfare unit of the Ground Self-Defense Force, said, "In the defense field, Tempest is an old and new problem. ".
Around 1990, when the Defense Agency was located in Roppongi, Tokyo, when receiving confidential information from the U.S. military under the defense cooperation of Japan and the United States, Mr. Ito was told by the U.S. military that he could not hand it over in Roppongi. It is said that
The reason is that the Roppongi government building had insufficient measures against tempest.
When the file received from the U.S. military was displayed on the monitor of a personal computer, the file could only be viewed directly because it could be stolen.
After that, at the newly constructed and relocated Ichigaya government building, tempest measures were taken into consideration from the time the building was designed.
Even when procuring equipment, it is said that its own standards for electromagnetic wave countermeasures were set and safety measures were taken.
Since "Tempest" seems to be used mainly in international intelligence activities, no specific damage was revealed.
However, in 2013, after international measures were strengthened, there were accusations that the concerns were real.
Edward Snowden, an NSA employee, has accused the NSA of eavesdropping on 38 embassies in EU countries and Japan.
There were various methods, but there was also a description that "collects electromagnetic waves with a special antenna".
Professor Hayashi of Nara Institute of Science and Technology says that it is seen as "tempest" in a broad sense.
Professor Yuichi Hayashi, Nara Institute of Science and Technology
"The risk of Tempest has been recognized as a reality again."
Anyone can easily "tempest"
And now that the corona is terrible, the danger of "tempest" is increasing.
Professor Hayashi of Nara Institute of Science and Technology cites the reason that the ability of the device to analyze the contents of intercepted electromagnetic waves has dramatically increased compared to 10 years ago, and it has become easier to obtain.
In the past, a large-scale device that could be loaded into a car was operated by a dedicated program, and the price was about 50 million.
However, for about 100,000 yen now, I can get a small device that fits in a bag.
The kit can also be purchased in Akihabara.
Furthermore, even if the electromagnetic waves are weak, it has become possible to accurately analyze only the targeted data by filtering it with a computer program.
Such programs are available online and available to everyone.
Recently, even a tuner sold by mail order for about 2000 yen can intercept and analyze electromagnetic waves by controlling it with a program, but the threshold is further lowered.
Professor Yuichi Hayashi, Nara Institute of Science and Technology
"A long time ago, it was an effective measure to keep the electronic devices used indoors away from the outside, but now even from inside a car a little away from the building. It has become possible to intercept and analyze. "
In fact, in the last 10 years, personal computer monitors have become more sophisticated, and signals have come to be sent to one monitor from multiple routes at the same time, so it is not easy to read with the technology 10 years ago.
However, this time, Professor Hayashi's group succeeded in reading the data from the slightest difference in the signal for each route.
The higher performance of equipment and programs has made analysis possible.
In fact, in an experiment that reproduces a computer monitor image in which signals are sent from two paths in order to improve image quality from leaked electromagnetic waves, the alphabets and symbols written on the original screen can be clearly projected. done.
"Cat and mouse" even though measures are taken
NTT Advanced Technology develops technologies for tempest countermeasures, such as diagnosing the risk of electromagnetic wave leakage, after receiving consultations from government agencies and companies.
The person in charge said, "In Tempest, there are no traces of electromagnetic wave interception and the damage is not revealed, so it is often said as an urban legend. Although necessary measures are taken by government agencies, the threat is still generally recognized. It has not been done. "
This company has developed an electromagnetic wave information leakage prevention device that attaches a small device with a length of about 9 cm to the monitor connection terminal of a personal computer.
By adding a special signal to the electromagnetic waves emitted from the display screen, the information cannot be read even if it is intercepted.
The research group of the company conducted an experiment to test the effect of a countermeasure device with such a mechanism at a financial institution's ATM = automatic teller machine.
ATMs are similar in structure to personal computers, and there is a risk of electromagnetic waves leaking from monitors and connections.
In the experiment, it was found that if no measures were taken, the image on the monitor of the terminal could be intercepted from a maximum of 163 meters away, even if the wall was separated.
However, when a device that emits nuisance electromagnetic waves was installed, it could not be intercepted even if it was 3 meters or less.
Since financial institutions handle money, strong measures are required above all.
In Japan, the "Financial Information System Center", a foundation created by financial institutions and insurance companies, summarizes safety measures standards.
As one of the various security measures at financial institutions, tempest measures are also included, and measures such as adopting wall materials that do not allow electromagnetic waves to pass through and covering the equipment itself with metal are shown, and each financial institution takes measures accordingly. It is said that it is taking.
However, electronic devices are constantly evolving.
For example, with the increasing performance of personal computer monitors, new methods for sending video signals are emerging one after another, and the research group says that it is necessary to take appropriate risks and countermeasures for electromagnetic wave leakage. Point out.
NTT Advanced Technology Tetsukin Tominaga Chief Engineer
"Tempest is not only technologically innovative in the equipment used by the attacking side, but also responding to changes in the functions of computer products that emit leaking electromagnetic waves from an important point of view in terms of security measures. It is thought that we will continue to play cat and mouse in the future. "
"Tempest" has been a problem since the Cold War era about half a century ago, and the world has often worked on countermeasures.
The reality of the attacks and damages is unknown, but the spread of teleworking in the Corona sword has increased the need to re-recognize it as an old and new threat.
Soichiro Kurose,
Reporter, Faculty of Science and Culture