Recent advancements in cybersecurity have unveiled an alarming technique capable of remote eavesdropping using standard light bulbs as conduits. Researchers have demonstrated that by observing variations in the light emitted by a bulb in a room, they can effectively intercept conversations from a nearby location.
This innovative method, termed “Lamphone,” was recently detailed in a paper authored by a team from Israel’s Ben-Gurion University of the Negev and the Weizmann Institute of Science, including experts Ben Nassi, Yaron Pirutin, Adi Shamir, Yuval Elovici, and Boris Zadov. Their findings will be presented at the upcoming Black Hat USA 2020 conference in August.
Lamphone operates by detecting minute sound-induced vibrations in a hanging light bulb. These vibrations occur as pressure fluctuations created by sound waves affect the bulb’s surface. By using an electro-optical sensor directed at the bulb, the technology translates these vibrations into recognizable auditory signals. This technique notably allows for the identification of spoken words and music without requiring any intrusion into the victim’s premises.
To illustrate the attack’s efficacy, researchers successfully extracted clear audio from public speeches and popular songs, such as recordings of President Donald Trump’s speeches and the Beatles’ “Let It Be.” They found that the sound waves emitted caused the bulb to vibrate at negligible levels, which can be captured and interpreted by specialized equipment.
The Lamphone setup includes a telescope for distant observation, an electro-optical sensor to convert light signals into electrical currents, and a laptop for processing. This method unambiguously captures audio in real-time, distinguishing it from older eavesdropping strategies that suffered long processing times for sound recovery.
The efficacy of the Lamphone attack extends significantly, as it can be initiated from at least 25 meters away using relatively inexpensive equipment. The passive nature of this technique—relying solely on light emitted from outside the room—eliminates the need for direct access to the target’s devices.
According to the researchers, potential victims could be anyone communicating sensitive information within reach of a compromised light bulb. The potential for misuse is vast, ranging from identity theft to corporate espionage, as malicious eavesdroppers might exploit sensitive conversations for financial gain.
To mitigate the risks associated with such eavesdropping techniques, experts recommend employing heavier light bulbs to reduce vibrations and the use of curtains to obstruct light emissions. These countermeasures aim to diminish the light signals available to eavesdroppers.
In reviewing the incident through the lens of the MITRE ATT&CK framework, tactics such as initial access and collection are particularly relevant. The Lamphone method exemplifies how adversaries can leverage innovative techniques to exploit vulnerabilities in seemingly innocuous environments, underscoring the importance of vigilance against evolving cybersecurity threats.
