            TY  - JOUR
T1  - TEMPEST Attacks and Cybersecurity
AU  - Aydın, Hakan
PY  - 2019
DA  - September
Y2  - 2019
JF  - International Journal of Engineering Technologies IJET
JO  - IJET
PB  - İstanbul Gelişim Üniversitesi
WT  - DergiPark
SN  - 2149-0104
SP  - 100
EP  - 104
VL  - 5
IS  - 3
LA  - en
AB  - Broad usage of Information and Communication Technologies (ICT) and theInternet have made cybersecurity a vital issue. One of the less known threatfor cybersecurity is TEMPEST (Transient Electromagnetic Pulse EmanationStandard) which has become more apparent today. TEMPEST is an informationsecurity term that refers to the examination and control of unwantedelectromagnetic energy emissions caused by electrical and electronic devices.As a result of TEMPEST attacks, confidential information such as state secrets,personal information such as bank passwords, and more information can be passedon to the attackers. Unlike other known cyber-attack methods, TEMPEST attackmethods are kept secret and those who are exposed to TEMPEST attacks are notaware of these attacks. The concept of TEMPEST is a less known cybersecuritycomponent which can cause much greater damage if the necessary cybersecuritymeasures are not taken. The purpose of this study is to present a review ofTEMPEST attacks and countermeasures. The study also highlights the importanceof using national cybersecurity products that passed the national TEMPESTcybersecurity testing certification.
KW  - Cybersecurity
KW  - TEMPEST
KW  - Electromagnetic Emission
CR  - Resmi Gazete, 4 Haziran 2010. Resmî Gazete, Sayı: 27601, Millî Savunma Bakanlığı Savunma Sanayi Güvenliği Yönetmeliği.
CR  - S. Bilgin, Ö. Sarıtaş, G. Okyay, H.G. Örtlek, &quot;Askeri ve Kamu Kuruluşlarına ait Binaların Tempest Güvenliği için Farklı Yapıda Dokuma Kumaşların Geliştirilmesi&quot;, Tekstil ve Mühendis, 2013, p.81.
CR  - Z. Hongxin, H. Yuewang, W. Jianxin, L. Yinghua, Z. Jinling,. Recognition of electro-magnetic leakage information from com- puter radiation with svm, computers &amp; security 28 (1-2), 2009.
CR  - NSTISSI No. 7000, 29 Nov 1993, &quot;TEMPEST Countermeasures for Facilities.&quot;, 1993.
CR  - B. Jacobs, W. Pieters, &quot;Electronic Voting in the Netherlands: from early Adoption to early Abolishment&quot;, Published in: Foundations of Security Analysis and Design V: FOSAD 2007/2008/2009
CR  - Tutorial Lectures. Springer LNCS 5705, p. 121-144, 2009.
CR  - G. Bayraktar, “Harbin. Beşinci. Boyutunun. Yeni. Gereksinimi: Siber İstihbarat”, Güvenlik Stratejileri Dergisi,120-135,. 2014.
CR  - F. Cohen, &quot;Information System Attacks: A Preliminary Classification Scheme,&quot; Computers &amp; Security, Vol.16, No.1, 1997, pp.127--153.
CR  - S. Philippsohn, “Trends in Cybercrime - an overview of current financial crimes on the Internet,” Computers &amp;. Security, vol. 20, no. 1, pp. 53-69, 2001.
CR  - T.C. Ulaştırma Denizcilik ve Haberleşme Bakanlığı, “2016-2019 Ulusal Siber Güvenlik Stratejisi”, 2016.
CR  - H. Çifci, &quot;Her Yönüyle Siber Savaş&quot;, Ankara: Tübitak Popüler Bilim Kitapları, 2013. p.154.
CR  - M. Meral. &quot;Siber savunma: Ülkeler ve Stratejiler&quot;, 3. Uluslararası Katılımlı Bilgi Güvenliği ve Kriptoloji Konferansı, Aralık 2008.
CR  - F. Aslay, &quot;Siber Saldırı Yöntemleri ve Türkiye’nin Siber Güvenlik Mevcut Durum Analizi&quot;, IJMSIT (International Journal of Multidisciplinary Studies and Innovative Technologies), vol.1, pp.24-28, 2017.
CR  - M.E. Erendor, “Risk Toplumu ve Refleksif Modernleşme Çerçevesinde Siber Terörizm: Tanımlama ve Tipoloji Sorunu”, Cyberpolitik Journal, 1(1), 2016, pp.114-134.
CR  - Ross J. Anderson, &quot;Security Engineering: A Guide to Building Dependable Distributed Systems&quot;, 2nd Edition. ISBN: 978-0-470-06852-6. Apr 2008.
CR  - P. Shotbolt, &quot;Several compromising-emanations based interception techniques and their implications&quot;, June 2003.
CR  - D. Garlick, &quot;TEMPEST and Electromagnetic Emanations Security: Is Not Only A Government Standard&quot;, GIAC Security Essentials Certification (GSEC) Practical Assignment Option One: Case Study in Information Security, January 27, 2005.
CR  - T. Finne, &quot;The information security chain in a company&quot;, Computers &amp; Security, 15, 4, 297–316, 1996.
CR  - W.V. Eck, &quot;Electromagnetic Radiation from Video Display Units: An Eavesdropping Risk?&quot;, 1985.
CR  - J. Karlsson, “TEMPEST Attacks”, Master Thesis in Computer Science, Thesis no: MCS-2003:13. June 2003.
CR  - The Federal Information Processing Standard (FIPS) Publication 140-2 (FIPS PUB 140-2), &quot;Security Requirements for Cryptographic Modules&quot;, 1994.
CR  - F. Mohajer, “Cybersecurity Cyber-Attack Series Side Channel – TEMPEST Attacks”, 2016.
CR  - H. Altıner, H. ALTINER, E. Şaykol, E. ŞAYKOL, &quot;Veri Güvenliğinde TEMPEST Saldırı Türleri Üzerine Tarihsel Bir İnceleme&quot;, Beykent Üniversitesi Fen ve Mühendislik Bilimleri Dergisi, 6 (2), 2015, pp.121-152.
CR  - M.G. Kuhn, Markus G. and R.J. Anderson, &quot;Soft Tempest: Hidden Data Transmission Using Electromagnetic Emanations.&quot;, Berlin Heidelberg, 1998.
UR  - https://dergipark.org.tr/tr/pub/ijet/article/579644
L1  - https://dergipark.org.tr/tr/download/article-file/768686
ER  -