Targeting flatbed scanners could allow hackers to break into secure "air-gapped" computer systems

Infiltration of command to an air-gapped network using a laser installed in a drone via a scanner
Like some geeky, tech-savvy version of the Circle of Life song from The Lion King, there’s a never-ending feedback loop between the ingenuity of hackers and security-minded researchers’ attempts to think one step ahead of them.

The latest example comes courtesy of researchers from the Cyber Security Research Center at Israel’s Ben-Gurion University, who have conceived of a method by which hackers could bypass firewalls and intrusion-detection systems by hacking flatbed scanners using a laser-toting drone.

“This work presents a way in which an organization’s scanner can be used as a gateway for the purpose of communication under the radar with previously installed malware, even on isolated networks, with an outside attacker using a laser,” Ben Nassi, a graduate student at the Cyber Security Research Center, who was a co-author on a paper describing the method, told Digital Trends. “In addition, it shows how trying to hide the scanner from the line of sight won’t help because an Internet of Things device that’s located nearby can be hijacked and used as a means to modulate the command to the scanner.”

The method is effective from a distance of 900 meters using lasers that can be easily purchased online from places like eBay. Using the technique, the researchers were able to achieve data transmission rates of 25-50 milliseconds per bit. No, that’s not going to match your broadband download speed, but it’s enough to send commands that could control a bot on an isolated “air-gapped” system, meaning one that’s not otherwise connected to the outside world.

The attack does require that malware is first installed on a system somehow, but after that it could be commanded in certain terrifying ways — such as Nassi’s uncomfortable examples of “shutdown system” or “launch missile.”

So if simply moving your flatbed scanner out of line of sight won’t work, what does he suggest as a possible solution? “We suggest you disconnect the scanner from the network and use it via a proxy computer that will be monitored by a model that has learned to identify the attack,” he continued. “That way anyone trying to send a message to the organization will be detected and prevented.”

While this may seem extra-cautious, when you’re dealing with computer systems that can potentially cause massive amounts of damage — either by controlling systems we rely on or through the leaking of sensitive data — you really can’t be too careful.

We bet you’ll never look at your innocuous flatbed scanner the same way again!
