Just in:
Emirati Aid Reaches Ukraine as Food Shortages Bite // Andertoons by Mark Anderson for Thu, 28 Mar 2024 // CABSAT 2024 Ushers in 30 Years of Media Innovation // Universal Language for Healthcare: General Authority Embraces Global Coding System // Sharjah Chamber Breaks Ground on Final Expansion with New HQ Pact // New Nylon Constant Torque Hinge From Southco Provides Position Control In A Compact Package // No running of govt from jail, says Delhi Lt Governor // 2024 Lok Sabha Elections Will Be The Costliest One Till Now In The Whole World // Sunshine’s Debut Features Leave Tech World Scratching Its Head // US reiterates concern over Kejriwal arrest, Cong accounts // French Leaders Gather for Interfaith Iftar Dinner // Infineon and HD Korea Shipbuilding & Offshore Engineering jointly develop ship electrification technology // Arvind Kejriwal Was Used By BJP In 2011 Movement To Take On The Congress // Global Audience to Witness Thrill of Dubai World Cup // AIA Hong Kong Wins More Than 20 Accolades at MPF Ratings MPF Awards, BENCHMARK MPF of The Year Awards and Bloomberg Businessweek Top Fund Awards // First-Ever Fortune Innovation Forum Draws Top Global Leaders to Hong Kong, Promoting Agendas On Collective Cross-Sector Advancement // Ingdan Announces 2023 Annual Results // Experience Ultimate Shopping Freedom at 4.4 Shopee Spree: Don’t Worry, Shop Shopee! // Following the Money Trail: US and UK Investigate $20 Billion in USDT Transfers Tied to Sanctioned Russian Exchange // Lisboeta Macau’s world first LINE FRIENDS PRESENTS CASA DE AMIGO and BROWN & FRIENDS CAFE & BISTRO has officially opened //
HomeTAP ResearchDesktop scanners can be hijacked to perpetrate cyberattacks

Desktop scanners can be hijacked to perpetrate cyberattacks

1490732436 58da97afecd99

A typical office scanner can be infiltrated and a company’s network compromised using different light sources, according to a new paper by researchers from Ben-Gurion University of the Negev and the Weizmann Institute of Science.

“In the paper, “Oops! I Think I Scanned Malware,” we demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer,” says lead author Ben Nassi, a graduate student in the BGU Department of Software and Information Systems Engineering as well as a researcher at the BGU Cyber Security Research Center (CSRC). “A scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a back door into a company’s network.”

ADVERTISEMENT

The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner. Using direct laser light sources up to a half-mile (900 meters) away, as well as on a drone outside their office building, the researchers successfully sent a message to trigger malware through the scanner.

The video will load shortly

In another demonstration, the researchers used a Galaxy 4 Smartphone to hijack a smart lightbulb (using radio signals) in the same room as the scanner. Using a program they wrote, they manipulated the smart bulb to emit pulsating light that delivered the triggering message in only seconds. Watch a video of the smart bulb attack.

The video will load shortly

To mitigate this vulnerability, the researchers recommend organizations connect a to the network through a proxy server—a computer that acts as an intermediary—which would prevent establishing a covert channel. This might be considered an extreme solution, however, since it also limits printing and faxing remotely on all-in-one devices.

“We believe this study will increase the awareness to this threat and result in secured protocols for scanning that will prevent an attacker from establishing such a covert channel through an external source, smart bulb, TV, or other IoT (Internet of Things) device,” Nassi says.

Prof. Adi Shamir of the Department of Applied Mathematics at the Weizmann Institute conceived of the project to identify new network vulnerabilities by establishing a clandestine channel in a computer .

Ben Nassi’s Ph.D. research advisor is Prof. Yuval Elovici, a member of the BGU Department of Software and Information Systems Engineering and director of the Deutsche Telekom Laboratories@BGU. Prof. Elovici is also director of the CSRC.


Explore further:
New technique completely protects internet pictures and videos from cyberattacks

Source link

ADVERTISEMENT

ADVERTISEMENT
Just in:
Saudi Arabia Unveils Green Financing Tool to Achieve Net-Zero Goals // Ajman Celebrates Conclusion of Ramadan Activities with Grand Ceremony // French Leaders Gather for Interfaith Iftar Dinner // Konica Minolta is named ASEAN 2023 Market Leader in Colour Light and Mid Digital Production Printers // Sharpening the Focus: Sharjah Health Department Refines Evaluation Criteria for “Healthy Schools Programme” // Hope for Respite as UAE Endorses UN Plea for Gaza Truce // 2024 Lok Sabha Elections Will Be The Costliest One Till Now In The Whole World // New Nylon Constant Torque Hinge From Southco Provides Position Control In A Compact Package // Ingdan Announces 2023 Annual Results // Lisboeta Macau’s world first LINE FRIENDS PRESENTS CASA DE AMIGO and BROWN & FRIENDS CAFE & BISTRO has officially opened // AIA Hong Kong Wins More Than 20 Accolades at MPF Ratings MPF Awards, BENCHMARK MPF of The Year Awards and Bloomberg Businessweek Top Fund Awards // U.S. Compliance Takes Center Stage at OKX Following Industry Jitters // Andertoons by Mark Anderson for Thu, 28 Mar 2024 // Sunshine’s Debut Features Leave Tech World Scratching Its Head // Infineon and HD Korea Shipbuilding & Offshore Engineering jointly develop ship electrification technology // Universal Language for Healthcare: General Authority Embraces Global Coding System // Emirati Aid Reaches Ukraine as Food Shortages Bite // TUMI Hosts Global Launch Event in Singapore to Unveil Women’s Asra Collection and Announce Global Ambassador, Mun Ka Young // Global Audience to Witness Thrill of Dubai World Cup // CABSAT 2024 Ushers in 30 Years of Media Innovation //