RÖS

RÖS – what is it and how do we protect ourselves?

RÖS refers to the electromagnetic radiation emitted by electrical components. If this radiation is compromised, there is a risk that the information carried by the radiation could leak to unauthorized parties. Generally, two different types of RÖS sources are distinguished:

1. Information Source: The information that the electronic radiation carries.
2. Physical Source: The electrical components that generated the current/radiation carrying the information source.

Depending on the type of 1) information source being transmitted and the type of 2) physical source being used, different types of RÖS signals are discussed.

Four Common Examples of RÖS Signals

Radio-RÖS

A particularly insidious form of RÖS that can occur in any type of device with some form of radio transmitter, such as mobile phones and radio transmitters. What makes radio-RÖS especially vulnerable is that it can occur unintentionally between installations containing radio transmitters. Therefore, it doesn’t necessarily require an active RÖS spy trying to reveal secret information. Additionally, the information can be spread over very long distances.

EM Crosstalk

EM crosstalk, or electromagnetic crosstalk, is an umbrella term describing when signals are transferred through electromagnetic coupling. EM crosstalk is, for example, the main reason why radio-RÖS can occur. The signals transmitted via EM crosstalk are often in a more or less distorted form, but if they carry information, a RÖS risk can still arise.

Keystroke-RÖS

Keystroke-RÖS is a type of RÖS that can occur when information is transferred from, for example, a keyboard to a computer.

Video-RÖS

Video-RÖS is a type of RÖS that can occur when information is transferred from a computer to a monitor, for example.

The different RÖS signals can further be categorized according to two coupling types: conducted propagation and radiated wave propagation. The coupling types describe how the connections can physically occur.

Conducted Propagation

Conducted propagation mainly occurs when the coupling happens through metallic conductors such as:

• Power and telecommunication lines
• Water pipes
• Reinforcement bars, etc.

A conducted coupling typically occurs at frequencies < 30 MHz. Such shortwave frequencies (also known as high-frequency wavelengths) can provide audibility over very long distances under favorable conditions.

Radiated Wave Propagation

Radiated wave propagation occurs instead when the coupling happens between two transmitting antennas. Here, the frequency is limited to higher frequencies > 30 MHz. Radiated wave propagation can, for example, occur during electromagnetic crosstalk (which can create radio-RÖS) where electromagnetic coupling arises between two transmitters.

RÖS – How Can We Protect Ourselves?

There are several ways to protect against RÖS. Briefly, the different protection mechanisms against RÖS can be categorized as follows:

RÖS-Protected Equipment

With specially RÖS-protected equipment, one can either eliminate (Class 1 – U1) or limit (Class 2 – U2) the risk of RÖS. Class 3 (U3) implies an even weaker limitation. At Fibersystem, we offer RÖS-protected equipment for Class 1 (U1).

RÖS-Protected Rooms/Cabinets

If equipment carrying sensitive information has not been equipped with its own RÖS protection, it can instead be placed in a specially RÖS-protected room or cabinet. Such a RÖS-protected room contains walls that prevent electromagnetic signals from reaching the outside world. Just like RÖS-protected equipment, there are different levels of this protection, where shell protection class 1 (SS1) means elimination of RÖS risk and shell protection class 2 (SS2) means limitation of RÖS risk. Fibersystem has cabinets with shell protection class 1 (SS1).

RÖS Safety Distance

RÖS safety distance means taking advantage of the fact that the strength of radio frequency signals decreases with increasing distance. By utilizing natural protections in the environment, the RÖS risk can also be reduced. Some simple measures to reduce the risk of RÖS include:

• Placing sensitive equipment in the innermost part of the building.
• Placing sensitive equipment as close to the ground as possible – preferably below ground.
• Placing sensitive equipment close to surrounding walls.
• Never place equipment carrying sensitive information directly in front of a window where there is a clear line of sight for eavesdropping equipment.

Note that the above should not be seen as a replacement for RÖS protection but as an additional precaution.

RÖS – Why Do We Need to Protect Ourselves?

RÖS has long posed a significant threat to IT security. Historically, only nations had the capability to conduct RÖS surveillance, and national defense-related agencies were the primary targets. As technology has become both cheaper and more accessible, it is now reasonable to assume that even civilian organizations can engage in surveillance, and as a result, civilian targets may also be at risk. There are now examples of civilian organizations beginning to take measures to protect themselves against RÖS.