Researchers have a cunning way to eavesdrop on what users type at their keyboards by using relatively inexpensive equipment. Two Swiss researchers, Martin Vaugnoux and Sylvain Pasini, both from the Security and Cryptography at Ecole Polytechnique Federale de Lausanne, have developed a way to capture the electromagnetic waves given off by keyboards. In what is being touted as a James Bond-like attack, the researchers used a radio antenna that monitors the frequency at which keyboards emitted energy and captured keystrokes.
The two researchers tested 11 keyboard models that used either a USB or PS/2 connection. Every keyboard tested, including a laptop, was vulnerable to at least one of the four attacks the researchers used. The attack was shown to be effective up to 20 meters.
This type of attack is not new. Researchers have known that electromagnetic frequencies can be captured by an antenna since the 1970s. What is interesting here is that this problem was supposed to have been fixed a long time ago by keyboard manufacturers, but due to pressure to keep costs down, the problem has resurfaced. Because of a few dollars, hardware manufacturers have forced us into the position where we could be putting sensitive data at risk.
This is a very difficult situation to protect against. The researchers will be releasing their results soon. It would be wise to see which keyboards were tested to see if you have one. If you are concerned, there are firms that specialize in reducing the amount of radio and electromagnetic energy that are emitted from buildings.
In the meantime, be on the lookout for people walking around the outside of your building with gizmos that look like they are straight out of a James Bond film.