Nav: Home

Desktop scanners can be hijacked to perpetrate cyberattacks

March 28, 2017

BEER-SHEVA, Israel...March 28, 2017 - A typical office scanner can be infiltrated and a company's network compromised using different light sources, according to a new paper by researchers from Ben-Gurion University of the Negev and the Weizmann Institute of Science.

"In the paper, "Oops! I Think I Scanned Malware," we demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer," says lead author Ben Nassi, a graduate student in the BGU Department of Software and Information Systems Engineering as well as a researcher at the BGU Cyber Security Research Center (CSRC). "A scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a back door into a company's network."

The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner. Using direct laser light sources up to a half-mile (900 meters) away, as well as on a drone outside their office building, the researchers successfully sent a message to trigger malware through the scanner. Watch a video of the drone attack.

In another demonstration, the researchers used a Galaxy 4 Smartphone to hijack a smart lightbulb (using radio signals) in the same room as the scanner. Using a program they wrote, they manipulated the smart bulb to emit pulsating light that delivered the triggering message in only seconds. Watch a video of the smart bulb attack.

To mitigate this vulnerability, the researchers recommend organizations connect a scanner to the network through a proxy server -- a computer that acts as an intermediary -- which would prevent establishing a covert channel. This might be considered an extreme solution, however, since it also limits printing and faxing remotely on all-in-one devices.

"We believe this study will increase the awareness to this threat and result in secured protocols for scanning that will prevent an attacker from establishing such a covert channel through an external light source, smart bulb, TV, or other IoT (Internet of Things) device," Nassi says.
-end-
Prof. Adi Shamir of the Department of Applied Mathematics at the Weizmann Institute conceived of the project to identify new network vulnerabilities by establishing a clandestine channel in a computer network.

Ben Nassi's Ph.D. research advisor is Prof. Yuval Elovici, a member of the BGU Department of Software and Information Systems Engineering and director of the Deutsche Telekom Laboratories@BGU. Prof. Elovici is also director of the CSRC.

About American Associates, Ben-Gurion University of the Negev

American Associates, Ben-Gurion University of the Negev (AABGU) plays a vital role in sustaining David Ben-Gurion's vision: creating a world-class institution of education and research in the Israeli desert, nurturing the Negev community and sharing the University's expertise locally and around the globe. As Ben-Gurion University of the Negev (BGU) looks ahead to turning 50 in 2020, AABGU imagines a future that goes beyond the walls of academia. It is a future where BGU invents a new world and inspires a vision for a stronger Israel and its next generation of leaders. Together with supporters, AABGU will help the University foster excellence in teaching, research and outreach to the communities of the Negev for the next 50 years and beyond. Visit vision.aabgu.org to learn more.

AABGU, headquartered in Manhattan, has nine regional offices throughout the United States. For more information visit https://aabgu.org/.

American Associates, Ben-Gurion University of the Negev

Related Laser Articles:

The sharpest laser in the world
With a linewidth of only 10 mHz, the laser that the researchers from the Physikalisch-Technische Bundesanstalt (PTB) have now developed together with US researchers from JILA, a joint institute of the National Institute of Standards and Technology and the University of Colorado Boulder, has established a new world record.
Biggest X-ray laser in the world generates its first laser light
European XFEL, the biggest X-ray laser in the world, has generated its first X-ray laser light.
Where does laser energy go after being fired into plasma?
An outstanding conundrum on what happens to the laser energy after beams are fired into plasma has been solved in newly-published research at the University of Strathclyde.
Over-the-counter laser pointers a threat to eyesight
Some laser pointers that can be bought over the counter are unsafe -- to the point that they can cause blindness.
Introducing the disposable laser
Since lasers were invented more than 50 years ago, they have transformed a diverse swath of technology -- from CD players to surgical instruments.
A laser for your eyes
A team of the Lomonosov Moscow State University scientists and the Belarusian National Technical University has created a unique laser, which is a compact light source with wavelengths harmless to the human eye.
New laser to shine light on remote sensing
A revolutionary new type of laser developed by the University of Adelaide is promising major advances in remote sensing of greenhouse gases.
Laser beams with a 'twist'
Using geometric phase inside lasers for the first time, researchers find a way to change the orbital angular momentum of laser beams.
New laser achieves wavelength long sought by laser developers
Researchers at the University of Bath, United Kingdom have created a new kind of laser capable of pulsed and continuous mid-infrared emission between 3.1 and 3.2 microns, a spectral range that has long presented a major challenge for laser developers.
New laser achieves wavelength long sought by laser developers
Researchers at the University of Bath, United Kingdom have created a new kind of laser capable of pulsed and continuous mid-infrared (IR) emission between 3.1 and 3.2 microns, a spectral range that has long presented a major challenge for laser developers.

Related Laser Reading:

Best Science Podcasts 2019

We have hand picked the best science podcasts for 2019. Sit back and enjoy new science podcasts updated daily from your favorite science news services and scientists.
Now Playing: TED Radio Hour

Anthropomorphic
Do animals grieve? Do they have language or consciousness? For a long time, scientists resisted the urge to look for human qualities in animals. This hour, TED speakers explore how that is changing. Guests include biological anthropologist Barbara King, dolphin researcher Denise Herzing, primatologist Frans de Waal, and ecologist Carl Safina.
Now Playing: Science for the People

#532 A Class Conversation
This week we take a look at the sociology of class. What factors create and impact class? How do we try and study it? How does class play out differently in different countries like the US and the UK? How does it impact the political system? We talk with Daniel Laurison, Assistant Professor of Sociology at Swarthmore College and coauthor of the book "The Class Ceiling: Why it Pays to be Privileged", about class and its impacts on people and our systems.