The name “TEMPEST” is codename and acronym for a classified (secret) U.S. project which the government began using in the late 1960s and stands for Telecommunications Electronics Material Protected from Emanating Spurious Transmissions. The purpose of TEMPEST was not only exploiting/monitoring all forms of electromagnetic radiation (EMR) which were later deciphered in order to reconstruct intelligible data, but also guarding against such exploitation.
Today, amongst federal intelligence agencies the term TEMPEST has been officially replaced by EMSEC (Emissions Security), however TEMPEST is still used by civilians online.
The goal of the United States Information Assurance (IA) is to assure the availability, integrity, and confidentiality of information and information systems. The IA covers communications security (COMSEC), computer security (COMPUSEC), and EMSEC which are all interdependent. EMSEC addresses the “confidentiality” requirement. The objective of EMSEC is to deny access to classified and, in some instances, unclassified but sensitive information and contain compromising emanations within an accessible space. Therefore, it protects valuable information by shielding it from unauthorized entities.
EMSEC applies to all information systems, including weapon systems, infrastructure management systems and networks that are used to process, store, display, transmit or protect Department of Defense (DOD) information, regardless of classification or sensitivity.
At present, not only cathode ray tubes (CRT) but also liquid crystal display (LCD) monitors, laptops, printers, the majority of microchips and other information systems, all emit varying degrees of electromagnetic radiation (EMR) into either the surrounding atmosphere or into some conductive medium (such as communications wires, power lines or even water piping).
The leaking EMR contains, to varying degrees, the information that the device is displaying, creating, storing, or transmitting. If the correct equipment and methods are used, it is entirely possible to capture, decipher and reconstruct all or a substantial portion of the data being. Some equipment, like fax modems, wireless handsets and office speakerphones, are far more susceptible to eavesdropping than others. When switched on, these devices generate incredibly strong EMR, which can be captured and read even by relatively crude monitoring equipment.
Leaking emanations can be monitored at different ranges depending on the ambient conditions. In most cases, the leaking signal can be captured and observed 200-300 meters away from the device. However, if the signal is being transmitted through a conductive medium (such as a power line), monitoring can occur over much longer distances (many kilometers).
A sensitive receiver, which is capable of detecting a wide range of EMR, along with bespoke software, which can decipher the received signals, make up the bedrock of all surveillance, monitoring and spying.
However, advanced algorithms can be used to repair the parts of the signal which are corrupted by external EMR, partial transmission or simply long distances, therefore, providing a more clear depiction of the original data.
