Skip to main content
  1. Home
  2. Emerging Tech
  3. News

Targeting flatbed scanners could allow hackers to break into secure "air-gapped" computer systems

By
Infiltration of command to an air-gapped network using a laser installed in a drone via a scanner
Like some geeky, tech-savvy version of the Circle of Life song from
Recommended Videos
The Lion King, there’s a never-ending feedback loop between the ingenuity of hackers and security-minded researchers’ attempts to think one step ahead of them.
Related

The latest example comes courtesy of researchers from the Cyber Security Research Center at Israel’s Ben-Gurion University, who have conceived of a method by which hackers could bypass firewalls and intrusion-detection systems by hacking flatbed scanners using a laser-toting drone.

“This work presents a way in which an organization’s scanner can be used as a gateway for the purpose of communication under the radar with previously installed malware, even on isolated networks, with an outside attacker using a laser,” Ben Nassi, a graduate student at the Cyber Security Research Center, who was a co-author on a paper describing the method, told Digital Trends. “In addition, it shows how trying to hide the scanner from the line of sight won’t help because an Internet of Things device that’s located nearby can be hijacked and used as a means to module the command to the scanner.”

The method is effective from a distance of 900 meters using lasers that can be easily purchased online from places like eBay. Using the technique, the researchers were able to achieve data transmission rates of 25-50 milliseconds per bit. No, that’s not going to match your broadband download speed, but it’s enough to send commands that could control a bot on an isolated “air-gapped” system, meaning one that’s not otherwise connected to the outside world.

The attack does require that malware is first installed on a system somehow, but after that it could be commanded in certain terrifying ways — such as Nassi’s uncomfortable examples of “shutdown system” or “launch missile.”

So if simply moving your flatbed scanner out of line of sight won’t work, what does he suggest as a possible solution? “We suggest you disconnect the scanner from the network and use via a proxy computer that will be monitored by a model that has learned to identify the attack,” he continued. “That way anyone trying to send a message to the organization will be detected and prevented.”

While this may seem extra-cautious, when you’re dealing with computer systems that can potentially cause massive amounts of damage — either by controlling systems we rely on or through the leaking of sensitive data — you really can’t be too careful.

We bet you’ll never look at your innocuous flatbed scanner the same way again!

Editors’ Recommendations

Topics
Luke Dormehl
Luke Dormehl
Contributor
I'm a UK-based tech writer covering Cool Tech at Digital Trends. I've also written for Fast Company, Wired, the Guardian…
The best portable power stations
EcoFlow DELTA 2 on table at campsite for quick charging.

Affordable and efficient portable power is a necessity these days, keeping our electronic devices operational while on the go. But there are literally dozens of options to choose from, making it abundantly difficult to decide which mobile charging solution is best for you. We've sorted through countless portable power options and came up with six of the best portable power stations to keep your smartphones, tablets, laptops, and other gadgets functioning while living off the grid.
The best overall: Jackery Explorer 1000

Jackery has been a mainstay in the portable power market for several years, and today, the company continues to set the standard. With three AC outlets, two USB-A, and two USB-C plugs, you'll have plenty of options for keeping your gadgets charged.

Read more
CES 2023: HD Hyundai’s Avikus is an A.I. for autonomous boat and marine navigation
Demonstration of NeuBoat level 2 autonomous navigation system at the Fort Lauderdale International Boat Show

This content was produced in partnership with HD Hyundai.
Autonomous vehicle navigation technology is certainly nothing new and has been in the works for the better part of a decade at this point. But one of the most common forms we see and hear about is the type used to control steering in road-based vehicles. That's not the only place where technology can make a huge difference. Autonomous driving systems can offer incredible benefits to boats and marine vehicles, too, which is precisely why HD Hyundai has unveiled its Avikus AI technology -- for marine and watercraft vehicles.

More recently, HD Hyundai participated in the Fort Lauderdale International Boat Show, to demo its NeuBoat level 2 autonomous navigation system for recreational boats. The name mashes together the words "neuron" and "boat" and is quite fitting since the Avikus' A.I. navigation tech is a core component of the solution, it will handle self-recognition, real-time decisions, and controls when on the water. Of course, there are a lot of things happening behind the scenes with HD Hyundai's autonomous navigation solution, which we'll dive into below -- HD Hyundai will also be introducing more about the tech at CES 2023.

Read more
This AI cloned my voice using just three minutes of audio
acapela group voice cloning ad

There's a scene in Mission Impossible 3 that you might recall. In it, our hero Ethan Hunt (Tom Cruise) tackles the movie's villain, holds him at gunpoint, and forces him to read a bizarre series of sentences aloud.

"The pleasure of Busby's company is what I most enjoy," he reluctantly reads. "He put a tack on Miss Yancy's chair, and she called him a horrible boy. At the end of the month, he was flinging two kittens across the width of the room ..."

Read more