Home  /  Technology  /  Power line exfiltration
Technology · Power Line Exfiltration

Your network is air-gapped.
Your power lines are not.

Power Line Exfiltration lets attackers extract data from air-gapped systems through your building's electrical wiring — with no network access, no physical breach, and no log entries. NIST SP 800-53 PE-19 requires you to address it. Bantam suppresses the channel at every outlet, inherently, through the same patented circuit that conditions power.

NIST SP 800-53 PE-19
CJIS v6.0 · CMMC L2 · IRS Pub 1075
NTS Laboratories verified
US Patents 8,223,468 · 11,775,645 · 12,019,751 · 12,271,477
Step 01 of 05 The threat model
SECURED FACILITY PC AIR GAP THREAT ACTOR RX ?
The power cord exits the air gap. What travels on it?
Conventional security assumption: power is not a data path
01 — The vector

Your air gap ends at the power outlet

Air-gapping removes every intentional network path from a protected system. It does not remove the power cord. Beginning with research published in IEEE Transactions on Information Forensics and Security in 2019, a class of attack called Power Line Exfiltration (PLE) demonstrated that the building electrical wiring is a viable covert data channel requiring no network connectivity whatsoever.

Guri, M. et al. "POWER-SUPPLaY" · IEEE T-IFS 2020 · arXiv:1912.01094
02 — The mechanism

Malware encodes data in power consumption

Malicious code on the target system deliberately modulates CPU, GPU, or memory bus utilization at frequencies between 100 Hz and 500 kHz. The resulting variations in power draw impose a signal on the Line and Neutral conductors. A receiver anywhere on the same electrical branch — or across the utility connection — can demodulate and recover the encoded data.

Signal bandwidth: ~10–50 bps usable · sufficient for cryptographic keys, credentials, and short data bursts
03 — The failure

Conventional surge protection is completely transparent to PLE

Metal-oxide varistors (MOVs) are parallel devices that clamp voltage spikes exceeding a set threshold, typically 330V or 400V. PLE signals are deliberately kept well below this threshold. MOVs never activate. The signal passes through a conventional surge protector without any attenuation whatsoever, as if the device were not present.

MOV clamping voltage: 330–400V · PLE operating voltage: millivolt-range modulation on 120V carrier
04 — The ground problem

Surge protectors route energy to the most accessible conductor

Standard surge protection diverts excess energy to the ground conductor. The National Electrical Code requires the ground conductor to provide an unbroken, low-impedance path throughout the entire facility with no interruptions. A surge protector that dumps to ground does not contain the signal — it delivers it to the conductor with the widest distribution and the most accessible collection points.

NEC 250 · Ground continuity requirement · No switches, no filters, no breaks permitted
05 — The solution

Series inductors on all three conductors simultaneously

Bantam Clean Power products place selectively-tuned inductors in series on Line, Neutral, and Ground simultaneously. An inductor's impedance rises with frequency: at 60 Hz, power passes with minimal loss. At PLE operating frequencies, impedance is orders of magnitude higher, absorbing the signal before it can propagate into the building wiring. Independent testing at NTS Laboratories measured up to 100 dB attenuation on Line and Neutral, and up to 60 dB on Ground.

NTS Laboratories · Test Reports PR043871, PR070961 · U.S. Patents 8,223,468 · 11,775,645 · 12,019,751 · 12,271,477

The research is peer-reviewed. The test data is independent. The compliance mandate is in writing. The only open question is which systems in your environment are in scope.

Assess my organization's exposure
Why current approaches fall short

Three reasons your existing infrastructure does not stop PLE

Each of the following is a common, deployed protection approach — and each fails against Power Line Exfiltration for a specific technical reason.

Standard EMI filters — they operate above the PLE frequency band

Commercial EMI filters are designed to address frequencies in the 150 kHz to 30 MHz range — the CISPR Part 15 / FCC Part 15 regulated band. Power Line Exfiltration operates at frequencies below 1 kHz. This is deliberately below the FCC regulatory floor. A device can be fully CISPR-compliant and still leak at precisely the frequencies an attacker exploits. Your EMI-filtered power strip was never designed to stop this class of signal, and its certification does not claim otherwise.

Bantam's inductors attenuate from 60 Hz upward — covering the entire PLE signal band, the regulated EMI band, and everything between them.

Conventional surge protectors — they route energy to the ground conductor, amplifying the threat

A standard MOV-based surge protector diverts surge energy toward the ground path. From a shock-protection standpoint this is acceptable. From a PLE standpoint it is counterproductive. The ground conductor is the primary PLE collection point. A conventional surge protector that dumps energy to ground is increasing electrical activity on exactly the conductor an attacker would monitor.

Bantam filters the ground conductor with series inductors, the same as Line and Neutral. No energy is diverted to ground. Ground stays electrically quiet — eliminating the conductor an attacker would monitor and protecting the digital reference signal your equipment depends on.

TEMPEST-grade filtering — it works, but it is not the right tool for most organizations

TEMPEST-rated power line filters address the same conducted-emanation threat as Bantam and they work. They are the appropriate solution for SCIF environments, intelligence community facilities, and classified programs. They require classified procurement channels, SCIF-grade installation, and per-outlet costs that are multiples of the Bantam price.

Bantam fills the gap between a commercial surge protector — which provides no PLE mitigation — and a classified TEMPEST filter — which is inaccessible to most organizations. The same physical mechanism — conducted-emanation suppression through series inductors on all three conductors — available through standard commercial channels at prices that fit an enterprise or government IT budget.

Compliance frameworks

Six frameworks directly address power line emanation

Download full compliance mapping
NIST SP 800-53 · PE-19
Protection of information at physical boundaries

Requires organizations to protect information systems from unintended electromagnetic emanations. PE-19(1) specifies protection to approved levels. Applies to all federal agencies, contractors, and state/local governments adopting NIST frameworks.

Federal · State/local · Contractors
CJIS Security Policy v6.0 · §5.9
Physical protection of CJI systems

Requires agencies to implement controls preventing unauthorized access to Criminal Justice Information through electromagnetic means. Every FCIC/NCIC terminal, server, and workstation is in scope.

Law enforcement · Courts · Corrections
CMMC Level 2 · PE.L2-3.13.16
Protection of CUI from electromagnetic emanations

Directly requires protection of Controlled Unclassified Information from electromagnetic emanations. Defense contractors processing CUI on any system are in scope. Available through commercial channels — no classified procurement required.

Defense contractors · CUI environments
HIPAA · §164.310(a)(2)
Physical safeguards for ePHI

Physical Safeguards require protection of ePHI-containing systems from unauthorized access including electromagnetic threats. Combined HIPAA/PE-19 exposure significantly increases audit risk for government-operated health systems.

Healthcare · Health IT · Government health agencies
IRS Publication 1075
Physical security for Federal Tax Information

Requires agencies handling Federal Tax Information to implement NIST 800-53 PE-19 controls. Tax collector offices, revenue departments, and any system receiving FTI are in scope. Violations carry criminal penalties and loss of IRS data access.

Tax agencies · Revenue departments · FTI recipients
AWIA 2018 · EPA Baseline Cyber
Water sector SCADA physical security

Requires water utilities serving 3,300+ customers to assess and address cybersecurity risks including electromagnetic vulnerabilities in SCADA environments. The EPA Baseline Cyber controls reference NIST physical security standards.

Water utilities · Wastewater · SCADA operators
What this means for your organization

The mandate exists. The research is peer-reviewed. The question is your specific exposure.

100 dB Attenuation on Line & Neutral
NTS Laboratories verified · Reports PR043871, PR070961
60 dB Ground conductor attenuation
1,000× signal reduction · eliminates the primary collection path
4 Active U.S. patents covering circuit design and PLE suppression
8,223,468  ·  11,775,645  ·  12,019,751  ·  12,271,477

Air-gapping a network severs every intentional data path between a protected system and the outside world. It does not sever the power cord. And the power cord, as peer-reviewed research published in IEEE Transactions on Information Forensics and Security has demonstrated since 2019, is a data path — one that carries no log entries, triggers no alerts, and is invisible to every endpoint detection product and SIEM in your stack.

The compliance frameworks governing U.S. government and regulated-enterprise environments have caught up to this reality. NIST SP 800-53 Control PE-19 requires protection against unintentional electromagnetic emanations across all vectors, including conducted emanation through building wiring. IRS Publication 1075 incorporates PE-19 by control number. CJIS Security Policy v6.0 §5.9 requires physical safeguards sufficient to protect Criminal Justice Information against threats an agency reasonably faces — and published research places PLE squarely within that population for any agency in a shared-occupancy or perimeter-accessible facility. CMMC Level 2 reaches the same vector through its physical protection and CUI confidentiality practices. HIPAA §164.310 applies a risk-based workstation security standard that creates a defensible obligation for any covered entity operating in a multi-tenant environment.

Bantam Clean Power products address the channel through a patented series-inductor circuit topology that places high-oersted-rated inductors in series on all three building conductors simultaneously — Line, Neutral, and Ground. Because the inductors are in series and respond at inception, the signal is reshaped before it can propagate into the building wiring. There is no threshold to cross, no configuration to maintain, and no software to update. The control is passive, always-on, and verifiable through test reports available under NDA to qualified procurement and audit reviewers.

The tool below maps your specific compliance exposure. Select the system types your organization operates and it will identify which mandates apply by name, assign a risk level to each asset class, and recommend the correct Bantam product and deployment pattern for your environment.

PLE Risk Assessment
Select the system types present in your environment and your applicable compliance frameworks. The tool will identify your exposure level, the specific control citations that apply, and the correct Bantam product for each asset class.
Step 1 — Select your compliance frameworks
🏛️ NIST SP 800-53 PE-19 · Federal agencies and contractors
🚔 CJIS Security Policy v6.0 §5.9 · Law enforcement agencies
🛡️ CMMC Level 2 PE.L2-3.13.16 · Defense contractors
🏥 HIPAA Security Rule §164.310 · Healthcare organizations
📋 IRS Publication 1075 FTI safeguards · Tax agencies
AWIA 2018 Baseline cyber · Water utilities
Step 2 — Select your system types
💻 Air-gapped workstation Isolated systems · classified or sensitive Critical
🚔 CJI terminal Criminal Justice Information access Critical
🏥 EHR / ePHI endpoint Electronic health records · HIPAA scope High
🗂️ CUI-handling server Controlled Unclassified Information Critical
🗳️ Election infrastructure Voting systems · tabulation equipment High
📡 Dispatch console Public safety communications High
⚙️ SCADA / ICS controller Industrial control · utility systems Critical
📋 FTI workstation Federal Tax Information · IRS Pub 1075 High
🔒 Classified system terminal SCI · SAP · classified network access Critical
Bantam products — PLE suppression at every outlet

Same patented circuit. Four form factors. Every installation covered.

PLE suppression is not a feature added to these products. It is an inherent property of the inductor-primary circuit that defines every Bantam product.

Citadel$310

Citadel RM1440

1U rack conditioner for server rooms, dispatch racks, and EOCs. 8 outlets, real-time LCD, 12A. The primary PE-19 solution for rack-mounted infrastructure.

NIST PE-19CJIS v6.0UL E521973
View Citadel series Buy — $310
Vanguard$141

Vanguard PP18004A

Desktop conditioner for workstations and RMS terminals. 15A, 1800VA, 4 outlets, lifetime warranty. The workstation-level PE-19 solution.

CJIS v6.0NIST PE-19Lifetime warranty
View PP18004A Buy — $141
VanguardFrom $125.85

Vanguard PP300 series

3-amp compact conditioner for edge devices, VoIP, IoT, and network gear. PP3002B (2-outlet) or PP3004A (4-outlet). Extends PE-19 to every outlet.

UL listedLifetime warranty
View PP300 series PP3002B $125.85 · PP3004A $132.15
Tempest$155

Tempest SA3600A

OEM PCB module for integrators. Up to 15A, 110 or 240V. 90°C thermal. OEM-integrated enterprise PDU. CMMC Level 2 PE-19 for CUI environments.

UL listedCMMC L2
View Tempest SA3600A Request OEM quote
Compliance documentation package

The PE-19 compliance documentation your auditors are asking for

A structured PDF mapping each applicable framework to Bantam's circuit — formatted for procurement teams, security auditors, and IT leadership. Includes NTS laboratory report references and per-product deployment guidance.

NIST SP 800-53 PE-19 control mapping with Bantam circuit explanation
CJIS Security Policy v6.0 §5.9 physical protection mapping
CMMC Level 2 PE.L2-3.13.16 mapping for CUI environments
HIPAA §164.310 and IRS Publication 1075 reference
NTS Laboratories test report references — PR070961, PR043871
Patent reference and technical suppression mechanism summary
Per-product deployment guide — Citadel, Vanguard, Tempest
Request the compliance documentation
We will send the PDF to your email within one business day. Government and enterprise IT teams receive a follow-up from our compliance team.
Bantam Clean Power