Light Sources can Hijack Scanner

Wednesday, March 29, 2017 @ 02:03 PM gHale


Using different light sources, an attacker can infiltrate a typical office scanner and compromise a company’s network, researchers said.

“We demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer,” said Ben Nassi, a graduate student in the Ben-Gurion University (BGU) Department of Software and Information Systems Engineering as well as a researcher at the BGU Cyber Security Research Center (CSRC) and lead author of a paper entitled, “Oops! I Think I Scanned Malware.”

“A scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a back door into a company’s network,” Nassi said.

The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner. Using direct laser light sources up to a half-mile (900 meters) away, as well as on a drone outside their office building, the researchers successfully sent a message to trigger malware through the scanner.

In another demonstration, the researchers used a Galaxy 4 Smartphone to hijack a smart lightbulb (using radio signals) in the same room as the scanner. Using a program they wrote, they manipulated the smart bulb to emit pulsating light that delivered the triggering message in only seconds.

To mitigate this vulnerability, the researchers recommend organizations connect a scanner to the network through a proxy server — a computer that acts as an intermediary — which would prevent establishing a covert channel.

“We believe this study will increase the awareness to this threat and result in secured protocols for scanning that will prevent an attacker from establishing such a covert channel through an external light source, smart bulb, TV, or other IoT (Internet of Things) device,” Nassi said.


