Esoteric Eavesdropping Techniques

RF Flooding

A resonant cavity device consists of a small cylindrical can with a flexible diaphragm at one end, forming a cavity, the volume of which varies slightly as the diaphragm vibrates as a result of sound in its vicinity. An antenna extends from inside the cavity. The device operates by resonating at a frequency established by its physical cavity dimensions and frequency modulating its resonant cavity when flooded with a powerful carrier transmitted from the listening post or other nearby hidden area.

Windows/Visual

Windows are particularly vulnerable to eavesdropping attack from outside the building by various methods. The loss of information, through visual acquisition, from documents and wall charts, as well as lip reading, is a hazard. Visual eavesdropping attacks are easily prevented, but frequently overlooked.

Laser

A laser can be used for eavesdropping at a substantial distance away from the target's building. Outside offices with windows are highly susceptible to compromise. Conversational sound waves within an area impinge upon all objects within that area, causing them to vibrate. These objects vibrate relative to the sound waves impinging upon them, or the conversations within that area. These vibrations from room conversation could be remotely detected.

The most commonly used method for this form of attack employs a beam of light, laser or possibly infrared which strikes the surface of the window at an angle and reflects off of the surface. The reflected beam varies in relation to the movement of the window, which is received and converted back into audible conversations. Window vibrators are typically utilized to reduce the risk of exposure from this attack.

A beam of light could also be directed through the window, aimed at an object within the area and reflected back out of the window. The received beam of light is then converted back into the target's conversation. This method of attack would render window vibrators ineffective, which are intended to mask the room's conversational window vibrations. An infrared transmitter could also be planted within the target area, transmitting room audio out of the area to be received and converted back into room conversation. The clandestine beam must be detected to reveal an attack in progress, and if the beam is temporarily turned off, it will not be detected. Various countermeasures are available to reduce the risk of eavesdropping by these methods, depending on specific requirements.

Electro-Magnetic Radiation

Computers, CRT monitors, fax machines and other electronic equipment radiate electro-magnetic signals (EMR/EMP). These inherent emissions can be surreptitiously received to recover intelligence. This is referred to, in government circles, as TEMPEST. The signal strength of these emissions, which determines the effective reception range, varies between equipment. However, the computer monitor (CRT) operates on high voltage to fire the electron beam, which produces the images on the screen. As these high voltage on and off pulses sweep across the CRT screen, strong electro-magnetic signals are produced which radiate away from the CRT. A knowledgeable perpetrator could intercept and decode these emissions, thereby obtaining all of the intelligence presently being displayed on the CRT screen.

This type of attack is real and does exist. Plans are readily available to build this equipment, and the required components are relatively inexpensive.