EM Eye investigates a cybersecurity attack where the attackers eavesdrop on the confidential video data of cameras by parsing the unintentional electromagnetic leakage signals from camera circuits. This happens on the physical/analog layer of camera systems and thus allows attackers to steal victim’s camera data even when perfect software protections (e.g., unbreakable passwords) are all in place. Exploiting the eavesdropped videos, attackers can spy on privacy-sensitive information such as people’s activities in an enclosed room recorded by the victim’s home security camera. […]
So how can one protect themselves from this type of attack, or does responsibility lie on the vendors to keep up with security updates?
It’s just a tempest attack. Firmware won’t fix anything but the attack is an extremely expensive nation state level operation that doesn’t scale.
About $250 at most. Quoting the linked page:
$250 per camera that you have to be within meters of best case. That doesn’t include the packaging cost to make this look innocuous so probably significantly more money if you wanted this to be stealthy and reliable. Add in the money for the distribution and “installation” of such devices.
This doesn’t scale at all.
Well within the budget of a private investigator or burglar or peeping-tom or abusive ex-partner.
No need to scale; plenty of privacy/security incursions don’t require mass-surveillance.
That said, I’d suggest that the attack does scale economically . Think war-driving but with one of these setups – cruising around in a van through a dense neighbourhood collecting short clips of cctv footage looking for something of interest.
I would guess covering the camera and/or data cord with tinfoil. Even more unsure about wireless.