IoT Devices A Network Cyber Security Risk?

More videos

Network Cyber Security Risks and Smart Technology.

Cyber security is not just about money. It can also be about safety and protection of our very way of life. Successful hackers into a countries or cities power grid could cause damage and loss of life. You have only to look to Puerto Rico to see what it means to loose power to an entire country for months or longer.

A computer virus or well equipped hacker can may be able to inflict similar infrastructure damage as a hurricane with major physical damage.

If we consider now the advent of smart technology, artificial intelligence, self driving vehicles and domestic robots what might be possible with out effective cyber security? How much more dangerous have computer virus technology become? Here is a very strange report of a study done on the vulnerabilities of a common office or home document scanner as a backdoor into a computer network.

This really drives home how creative hackers can be when it comes to finding ways to break into computer networks and smart devices. Sometimes the device themselves become a way to create a backdoor.

Iot device could be used to bypass network cyber security.

A typical office scanner can be infiltrated and a company’s network compromised using different light sources, according to a new paper by researchers from Ben-Gurion University of the Negev and the Weizmann Institute of Science.

“In the paper, “Oops! I Think I Scanned Malware,” we demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer,” says lead author Ben Nassi, a graduate student in the BGU Department of Software and Information Systems Engineering as well as a researcher at the BGU Cyber Security Research Center (CSRC).

A scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a back door into a company’s network.

The researchers conducted several demonstrations to transmit a message into computers connected to a flatbed scanner. Using direct laser light sources up to a half-mile (900 meters) away, as well as on a drone outside their office building, the researchers successfully sent a message to trigger malware through the scanner.

An normal drone can spy in a window waiting to trigger from a document scanner

An normal drone can spy in a window waiting to trigger from a document scanner to open a backdoor around network cyber security systems

Watch a video of the drone attack.

In another demonstration, the researchers used a Galaxy 4 Smartphone to hijack a smart lightbulb (using radio signals) in the same room as the scanner. Using a program they wrote, they manipulated the smart bulb to emit pulsating light that delivered the triggering message in only seconds. Watch a video of the smart bulb attack.

To mitigate this vulnerability, the researchers recommend organizations connect a scanner to the network through a proxy server a computer that acts as an intermediary which would prevent establishing a covert channel. This might be considered an extreme solution, however, since it also limits printing and faxing remotely on all-in-one devices.

“We believe this study will increase the awareness to this threat and result in secured protocols for scanning that will prevent an attacker from establishing such a covert channel through an external light source, smart bulb, TV, or other IoT (Internet of Things) device,” Nassi says.


You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>