Introduction to TEMPEST
Introduction to TEMPEST

"Codename: TEMPEST" is a confidential and largely covert United States government project specifically designed to spy on computers, telecommunication devices and other information systems through leaking emanations which include accidental or unencrypted electrical signals, involuntary radio transmissions, unintended sounds, oscillations and vibrations produced by the device or its operator, and which are later deciphered in order to reconstruct intelligible data.

The name “TEMPEST” is codename and acronym which the U.S. government began using in the late 1960s and stands for Telecommunications Electronics Material Protected from Emanating Spurious Transmissions. The TEMPEST federal program comprises of not only methods showcasing how to effectively spy upon the designated target while remaining undetected, but also how to shield all electrical devices and equipment against such malicious eavesdropping efforts. The protection branch of TEMPEST is also known as EMSEC (emission security), which is a subset of COMSEC (communications security) and the whole project is stealthily coordinated by the National Security Agency (NSA), which is the highest-ranking intelligence agency of the United States Department of Defense.

The NSA keeps the vast majority of its spying means, methods and equipment strictly confidential and classified. However, some of EMSEC’s protection standards have been released and are readily available to the public.

TEMPEST protects the designated equipment from spying, hacking and eavesdropping by implementing a mixture of distance, shielding, filtering and masking techniques. The electrical devices and paraphernalia which are susceptible to unwanted eavesdropping have to be installed at a specific distance from the room’s walls. The walls must contain additional shielding materials, the wires transporting classified data must be adequately separated from the ones carrying unclassified information, and cloaking sound frequencies can be utilized in order to mask the actual data, thus protecting the information. Such preventative measures drastically reduce the chances of unwanted or malicious monitoring and surveillance.