NCSC’s first gadget blocks malware transfer over HDMI cables • The Register


GCHQ’s cyber arm has entered the hardware game with its first device designed to prevent cyberattacks on display devices.

Called SilentGlass, the small gadget’s intellectual property is courtesy of the UK’s National Cyber Security Centre (NCSC), and the signals intelligence agency licensed it out to UK-based Goldilock Labs to make it commercially available to all businesses and consumers.

SilentGlass is the NCSC’s first branded device to hit the market. Announced publicly on Wednesday, the HDMI and DisplayPort-compatible device has already been deployed across “government estates” for several years and is capable of protecting “most high-threat environments.”

Naturally, The Register had a bunch of questions, but the NCSC refused to answer any.

Through the powers that be, however, we are reliably informed that beyond the information included in the NCSC’s blog, these devices are equipped with hardware that identifies malicious traffic in the data channel, blocking the transfer between computer and display.

We’re also told that the SilentGlass gizmos are threat-agnostic, meaning they are capable of detecting any kind of nastiness and preventing it from reaching and ultimately altering or manipulating a display. Anything potentially malicious that travels between HDMI or DisplayPort connections and a monitor is blocked.

You might be thinking “it’s not every day we hear about monitors being pwned via HDMI,” and you’d be right.

You wouldn’t be alone either. Since the NCSC announced SilentGlass, infoseccers have taken to social media to question the need for this device.

However, it is understood there are legitimate attack paths that are both applicable to modern environments and have been abused by known attackers.

Very little exists in the research literature about these kinds of attacks. A team based out of Montevideo’s Universidad de la República published findings in 2024 about the potential for highly technical individuals to intercept the electromagnetic radiation emitted from HDMI cables and use deep learning algorithms to reproduce text intended to be displayed on a monitor.

The team called the finding Deep-TEMPEST, an evolution of the TEMPEST analog signal interception phenomenon of yesteryear. But, as with all side-channel attacks, the real-world application is significantly different from a remotely exploitable software bug, for example. 

Most organizations probably don’t need to worry about highly motivated foreign spies lurking around their cables looking for electromagnetic emissions. However, for those safeguarding highly sensitive data within the context of critical national infrastructure operators, it’s potentially a slightly more credible threat.

NCSC's SilentGlass HDMI device. Image courtesy of the NCSC.


In any case, SilentGlass devices are available to anyone who wishes to purchase one, starting today.

Attendees of Black Hat or 44con back in 2012 may also remember NCC Group’s presentations about the potential for exploiting vulnerabilities in HDMI’s EDID and CEC parsers, as well as CDC and NEC protocols.

Again, these are fringe cases of which we hear very little from real-world scenarios, outside a conference keynote.

Despite the lack of published cases of these attacks, the NCSC believes external computer monitors are “a hugely attractive target” for adversaries, particularly those with an espionage focus.

It did not mention China specifically, although that is the country most often associated with cyberespionage, in the context of the UK’s four main adversaries – China, Russia, Iran, and North Korea.

The timing of the launch also coincides with the agency’s CEO, Richard Horne, declaring China “a peer competitor in cyberspace,” within the context of a steady rate of nationally significant cyberattacks directed at the UK by nation-states.

The org also said such attacks can be effective if the people behind them are looking to cause disruption, or generate some financial gains, which essentially implicates each of the other three countries.

Ollie Whitehouse, the NCSC’s CTO, said: “Display screens and monitors are everywhere in modern business environments, and the SilentGlass device will help protect previously vulnerable IT infrastructure with unprecedented ease.

“Its development and commercialisation shows the impact that the NCSC can have, alongside industry partners, with an affordable and effective product now globally available. 

“By helping to launch a UK company onto the global market with this world-class innovation, we are breaking new ground and helping to strengthen national prosperity.”

NCSC gave Goldilock Labs, in partnership with Sony UK, the license to produce and sell SilentGlass, which comes as separate devices – one for HDMI and another for DisplayPort, each protecting one cable only.

The NCSC wouldn’t tell us the price, so we’re waiting on Goldilock to tell us more on that front.

Stephen Kines, co-founder of Goldilock Labs, said the device meets a security problem that to date has been “widely overlooked,” as many have not viewed HDMI and DisplayPort connections as a serious security boundary.

“What was once confined to national security environments is now being applied with a low-cost, easy-to-deploy solution for CNI and businesses where the same risks exist,” he said.

“SilentGlass is the first step in a wider effort to enforce behaviour at hardware interfaces before it reaches complex software. It reflects a shift toward treating physical connectivity as a point of control rather than an assumed trust boundary.” ®


