Researchers from the Ben-Gurion University of the Negev have run several experiments that show that message can be transmitted into computers that are connected to flatbed scanners. In one trial, the researchers achieved this by deploying direct laser light sources located around half-mile (900 meters) away from the scanner. This means it is possible for a would-be hacker to stand outside of an office building and beam in a malicious code to a computer, via a connected scanner. To test this, the researchers used a drone positioned outside of an office to successfully send a message that triggered malware on a computer via a connected scanner.
The manipulation of the scanner to send code to a computer is perhaps a sign of the risks that will accompany the Internet of Things, as more devices become connected to each other. Although scanners are established technology they appear to have slipped through the protective webs of anti-viral systems.
The researcher behind the new study, Ben Nassi, describes in a research note how he and his colleagues demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer.
For this risk to present itself the scanner needs to be active. As Nassi explains: “A scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a back door into a company’s network.”
That this vulnerability exists was demonstrated multiple times in various tests. The exposure relating to scanners was expanded by the researchers to highlight other vulnerabilities. In a second study they used a Galaxy 4 Smartphone to hijack a smart lightbulb (by using radio signals) in the same room as the scanner. Through a bespoke computer program, the researchers managed to alter the smart bulb to emit pulsating light that delivered a triggering message within a few seconds.
To protect users from this newly identified weakness, the researchers state that if scanners are connected to a network in an office via a proxy server this should prevent the establishment of a covert channel. The downside of this would be to limit printing and scanning on all-in-one devices, which are common to many office environments.
The research has been published in the journal ARXIV, with the research paper headed “Oops!..I think I scanned a malware.”
