UK spy agency releases malware-blocking gadget for HDMI and DisplayPort cables — SilentGlass blocks malicious traffic traveling between display and computer

The UK’s Government Communications Headquarters (GCHQ), a counterpart to the U.S.’s National Security Agency (NSA), just launched SilentGlass through the National Cyber Security Center (NCSC). This little gadget was announced during CYBERUK, a government-sponsored cyber security conference, and is designed to block malicious traffic traveling between a display and a PC. According to the NCSC, it built and designed this plug-and-play device to protect government estates and has been “approved for use in the most high-threat environments.”

The government has since licensed the design to Goldilock Labs, a UK-based cybersecurity firm that specializes in hardware that automatically cuts physical connections during a cyberattack, limiting potential damage to a network. It has partnered with Sony UK Technology Center to make the product available globally, although the firm has yet to put the product publicly available on the market.

“Display screens and monitors are everywhere in modern business environments, and the SilentGlass device will help protect previously vulnerable IT infrastructure with unprecedented ease,” NCSC Chief Technology Officer Ollie Whitehouse said, “Its development and commercialization show the impact that the NCSC can have, alongside industry partners, with an affordable and effective product now globally available.” Goldilock Labs co-founder Stephen Kines also said, “SilentGlass addresses a gap that has been widely overlooked. The hardware interfaces people rely on every day have rarely been treated as security boundaries, despite being exposed to risk through supply chains, third-party servicing, and direct physical access.”

Article continues below

While SilentGlass is an interesting security device, some information security experts question the actual need for it. Cybersecurity expert Scott McGready said on X, “Can anyone genuinely tell me what risk this is addressing or is it a solution in search of a problem?” After all, most common cyberattacks do not use video signals as an attack vector. Nevertheless, that does not mean that it’s impossible to take advantage of HDMI and DisplayPort to exfiltrate information.

Way back in 2020, a research paper revealed a technique which subtly changed monitor brightness to steal data from air-gapped PCs, while a more recent study showed that AI can use signals leaking from HDMI cables to reconstruct what the target computer is displaying. These aren’t likely problems for the billions of home and office computers around the globe, as these techniques are complicated and would often cost more to deploy than the potential data they can gather from the average civilian.

However, these vulnerabilities could be potential weak links in the security of government agencies and defense companies that deal with sensitive information. This makes them targets for nation-states who have the means and resources to use these attack vectors. The UK government has reportedly deployed this little gadget in some of its computers, and it’s now making it available for anyone else to purchase. We don’t have pricing for SilentGlass yet, but this likely won’t interest the average PC user. But for users who deal with state secrets and confidential technologies, this gadget could potentially protect their systems from a potential vulnerability that will most likely be used by technically advanced adversaries.

Follow Tom’s Hardware on Google News, or add us as a preferred source, to get our latest news, analysis, & reviews in your feeds.