SilentGlass Plug‑In Device Secures HDMI & DisplayPort Links, Mitigating Hardware‑Based Attacks
What Happened – The UK National Cyber Security Centre (NCSC) has released SilentGlass, a small plug‑in device that sits between a computer and its display and inspects HDMI and DisplayPort traffic. The device automatically blocks any unexpected or malicious signals, preventing attackers from using video links as an entry or surveillance path. It is now licensed to Goldilock Labs and manufactured in partnership with Sony UK Technology Centre for global commercial distribution.
Why It Matters for TPRM –
- Physical video interfaces are an often‑ignored attack surface that can be exploited for data exfiltration or supply‑chain compromise.
- Deploying SilentGlass adds a hardware‑level control that complements traditional endpoint and network security controls.
- Vendors supplying display hardware or workstations must now be evaluated for compatibility with, or inclusion of, such protective devices.
Who Is Affected – All sectors that rely on visual workstations: finance, government, healthcare, education, media, and any enterprise with large‑scale display deployments.
Recommended Actions – Review existing display‑hardware procurement contracts, validate that vendors support HDMI/DisplayPort security controls, pilot SilentGlass in high‑risk environments, and update your third‑party risk framework to include hardware‑interface risk assessments.
Technical Notes – SilentGlass is a plug‑and‑play inline device that inspects every packet on HDMI/DisplayPort links, blocking traffic that deviates from expected protocols. No firmware updates or complex configuration are required. It addresses hardware‑based attack vectors such as malicious adapters, compromised monitors, and covert video‑channel exfiltration.
Source: Security Affairs