{"id":30443,"date":"2026-04-25T02:06:49","date_gmt":"2026-04-24T20:36:49","guid":{"rendered":"https:\/\/www.kaspersky.co.in\/blog\/fiber-optics-eavesdropping\/30443\/"},"modified":"2026-04-25T02:07:03","modified_gmt":"2026-04-24T20:37:03","slug":"fiber-optics-eavesdropping","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.in\/blog\/fiber-optics-eavesdropping\/30443\/","title":{"rendered":"Eavesdropping via fiber-optic cables \u2013 theory and reality"},"content":{"rendered":"

Researchers from three universities in Hong Kong have published a paper<\/a> demonstrating a method of eavesdropping through fiber-optic cables. Fiber optics have long been the gold standard for data transmission due to their ability to transfer information at high speeds over long distances. Fiber-optic cabling utilizes ultra-thin glass threads for transmission, and is widely used not only for backbone data lines but also for connecting individual premises. And as it turns out, these very glass threads are sensitive enough to vibrations that they subtly alter the parameters of the optical signal.<\/p>\n

Potentially, this allows a fiber-optic cable to be turned into a microphone and intercept room conversations while being kilometers away from the sound source. In other words, this exploits so-called side channels \u2014 non-obvious characteristics of everyday home or office appliances that enable information leaks. Of course, this work is largely theoretical, much like other similar studies we\u2019ve covered previously \u2014 eavesdropping through mouse sensors<\/a>, using RAM modules as radio transmitters<\/a>, exfiltrating data<\/a> from CCTV sensors, or screen snooping through HDMI cables<\/a>. However, several news outlets have reported on the Hong Kong researchers\u2019 study as if it were a turnkey method, so let\u2019s try to determine just how dangerous it really is in practice.<\/p>\n

Hurdles of optical eavesdropping<\/h2>\n

The unique characteristics of fiber-optic cables were first considered<\/a> back in 2012 by Russian researchers, who conceded the theoretical possibility of such an attack. The goal of the Hong Kong researchers was to demonstrate at least some level of practical implementation for eavesdropping.<\/p>\n

\"Network<\/a>

Diagram of a provider\u2019s fiber-optic network showing the location of the attacker and the room targeted for eavesdropping. Source<\/a><\/p><\/div>\n

The diagram above illustrates a typical FTTH (fiber-to-the-home) network architecture, where end users or organizations connect directly to a fiber-optic cable. The ISP manages the so-called Optical Distribution Network (ODN), to which end-users are connected. The device on the user\u2019s end is called an Optical Networking Unit (ONU).<\/p>\n

An attack leveraging this equipment is quite difficult to execute. To eavesdrop on a specific ONU endpoint, a potential adversary would need access to the provider\u2019s infrastructure and control over the ODN equipment. What exactly is this device? It\u2019s a network router or an optical-to-Ethernet converter \u2014 a small box usually tucked away in an office utility closet. Inside the premises, connectivity is provided either by Wi-Fi or a local network using Ethernet cabling. Crucially, the fiber-optic cable is unlikely to run directly into a sensitive area like a CEO\u2019s office \u2014 the very place where eavesdropping would be most relevant.<\/p>\n

\"Eavesdropping<\/a>

Schematic representation of the eavesdropping setup on the attacker\u2019s side. Source<\/a><\/p><\/div>\n

And here\u2019s a rough idea of what the attacker\u2019s equipment would look like. Using special tech, they send optical pulses down the fiber-optic cable and measure the parameters of their transmission. Minor vibrations from footsteps in a room near the cable and nearby conversations trigger an effect known as Rayleigh scattering<\/a>. This effect, in turn, causes minute deviations in the reflected signal\u2019s parameters, which are then captured on the attacker\u2019s end using a photosensor.<\/p>\n

\"Recording<\/a>

Recording the sound of footsteps in a room through a fiber-optic cable. Source<\/a><\/p><\/div>\n

Before moving on to voice recording, the researchers decided to test a simpler scenario. To streamline the task, they ran the fiber-optic cable around the perimeter of the room and recorded footsteps \u2014 which generate significant vibration \u2014 rather than quiet conversation. This experiment was quite successful \u2014 the footsteps were audible. However, human speech proved to be far more challenging to capture. It turned out that even in laboratory conditions, intercepting a conversation between two people was impossible. To make further stages of the attack possible, the researchers assumed the presence of a bug at the fiber\u2019s entry point into the room. This module is essentially a microphone that converts audio signals into vibrations on the optical cable. This amplifies the signal, making it possible to intercept on the attacker\u2019s side.<\/p>\n

Not-so-obvious advantages<\/h2>\n

But wait \u2014 if we\u2019re talking about planting a bug in a room, why go through all the trouble with fiber optics? Why not just have the bug transmit the conversation on its own through cellular data or the building\u2019s landline \u2014 especially since it\u2019s already sitting right on top of it? Because there\u2019s a distinct advantage to the researchers\u2019 proposed attack scenario.<\/p>\n

A regular bug transmitting audio over a cellular network or through the internet is fairly easy to detect, whereas a transmitter relaying data via fiber-optic cable vibrations can operate much more stealthily. Such a tap would be relatively easy to implant during the installation of network equipment, and harder to detect using traditional bug-sweeping tools.<\/p>\n

Another major benefit of this hypothetical attack is that the eavesdropping can take place kilometers away from the target room \u2014 the attacker wouldn\u2019t have to put themselves at extra risk by being near the target. Theoretically, one could also imagine a scenario where a separate fiber-optic cable is run into a room solely for surveillance purposes without raising much suspicion from those being surveilled.<\/p>\n

Practical takeaways<\/h2>\n

If we frame the question as, \u201cCan attackers remotely eavesdrop on any room that has fiber-optic cabling?\u201d the answer is no; it\u2019s still impossible. However, this work by the Hong Kong researchers, which highlights quirks of a common data transmission medium, demonstrates a technically feasible \u2014 albeit unlikely and quite expensive to execute \u2014 scenario for a targeted attack.<\/p>\n","protected":false},"excerpt":{"rendered":"

Researchers have established that fiber-optic cables can be exploited for eavesdropping. We’re breaking down how feasible such an attack is in a real-world scenario. <\/p>\n","protected":false},"author":665,"featured_media":30448,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[2036,2609,2610],"tags":[3344,3474],"class_list":{"0":"post-30443","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-business","8":"category-enterprise","9":"category-smb","10":"tag-eavesdropping","11":"tag-side-channel-attacks"},"hreflang":[{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/fiber-optics-eavesdropping\/30443\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/fiber-optics-eavesdropping\/25489\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/fiber-optics-eavesdropping\/30287\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/fiber-optics-eavesdropping\/41729\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/fiber-optics-eavesdropping\/55658\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/fiber-optics-eavesdropping\/30575\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/fiber-optics-eavesdropping\/36174\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/fiber-optics-eavesdropping\/35825\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.in\/blog\/tag\/side-channel-attacks\/","name":"side-channel attacks"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/30443","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/users\/665"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/comments?post=30443"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/30443\/revisions"}],"predecessor-version":[{"id":30447,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/posts\/30443\/revisions\/30447"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media\/30448"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/media?parent=30443"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/categories?post=30443"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.in\/blog\/wp-json\/wp\/v2\/tags?post=30443"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}