Flatbed scanners are latest cyberattack vector

Office scanners are now susceptible to attack, according to researchers. The ubiquitous office equipment’s light-sensitivity can allow passing vehicles, or laser-carrying drones to trigger malware in a network, says a research team from two Israeli universities.

The computer experts say they have been able to successfully create a test “covert channel” between a server and flatbed scanner. The proof-of-concept hack, in some experimental cases, was performed almost a kilometer away from the scanner. They used a kind of infiltrating illumination to fool the device.

Numerous light sources could be used, they say. Hijacked smart bulbs and lasers were both used for the data-grab in experiments, the Ben-Gurion University of the Negev, and Weizmann Institute of Science researchers say in their paper (PDF).

The attack vectors can range in simplicity from just surreptitiously connecting a laser to a stand near the scanner, to outfitting a remote or autonomous flying drone with lasers. One method that could be adopted too, would be to commandeer an existing, office-installed smart bulb—the kind one controls with a smartphone—from a passing car.

Leave a Reply

Your email address will not be published. Required fields are marked *