We live complicated times in which every product connected to the network becomes a threat. Something that has to do with the consequences of a connected world, in which every product that has an external connection carries a risk. Something in which two fundamental aspects have much to do.
One of them is the craving of hackers and other avian programmers, whose goal is to sneak into any device to see what useful information they can intercept. The other is formed by the manufacturers of computer products, which are still a step behind the hackers of the first group and are still leaving doors open or still have obsolete and unsafe systems.
Within this context, it is not surprising that theoretically harmless products such as scanners are also threatened by attackers, becoming another door through which hackers and other malicious users can try to gain access and steal information from our team. or our corporate network.
Lighting up an attack
One of the methods that computer security researchers at Ben Gurion University in Israel have precisely the scanner as the protagonist. However, it is true that the method used is somewhat appalling and not exactly discreet, really.
Specifically, to test this system they used the theory that an optical scanner, as a light-sensitive device, could be remotely directed by one of these light sources. A theory by which malware could be inserted into the network and control and send data through it, using laser light emitted from a certain distance to a traditional scanner.
For this, a drone equipped with a laser light was used at a distance of about 900 meters, which was responsible for emitting signals with which to transmit different orders to the computers connected to said scanner. A method that has the advantage of not needing an external network or internet, since the scanner serves as a gateway to the rest of the internal network, being able to find through it a door connected to the outside.
Yes, it is true that, in this case, we are talking about a rather cumbersome method, since it is necessary to have the drone and the laser, hit with the light shot and, above all, that the scanner has the lid open. Because if the scanner has the lid closed, everything we have said is useless
Modifying the scanned
Leaving aside this method, something complex, the truth is that the greatest security risk for scanners is found in those that are networked, which today are the majority. Something that can affect all types of devices, such as malware created by a research group that is even able to modify the results of certain medical tests.
This malware is a very serious problem, since in this modification of the tests you can get to draw tumors in places where there are none. A risk that may involve the execution of operations and treatments in healthy patients, with considerable additional expense and, obviously, the health risks associated with unnecessary practices. So it seems really necessary to fight against this type of risk.
Worst of all, the different tests to which the professionals who saw the images were submitted, since luckily we talked about an internal test, resulted in them not being able to detect which tests had been tricked and which were not . Something that has a lot to do with the design of malware, which combines the use of neural networks and artificial intelligence, so that the veracity of the modified results is so high as to deceive one of these professionals.
To make matters worse, this malware did not need more than a Rasperry, 30 seconds and the knowledge necessary to infect the system. Once infected, it does not need maintenance and remains hidden, infecting tests and modifying results. So the problem with this system is that it can break the confidence in medical instruments. Luckily, this whole attack was a laboratory test developed by a security group, aimed precisely at drawing attention to these risks.
It is necessary to strengthen security
One of the main aspects that make these two cases clear is that scanners need to improve their security. If it is true that in the case of the table scanner we talk about a rudimentary procedure, but the truth is that any device connected to the network does become a threat.
In fact, one of the main complaints of security experts has to do precisely with this, with the amount of open doors that are left open when developing such products. A section in which there is still much to do, especially if we take into account that today it is normal for this type of products to be connected to the network to scan in the cloud, for example.
Another problem with scanner security is the possibility that scanning certain items may affect its operation. Something that would allow an attacker to take control of the device in case of scanning certain code. It is something rare and requires physical presence to execute the attack, but it is possible to do so if the device does not have the corresponding security.
Finally, there is a problem with body scanners, such as fingerprints or even iris scanners. There are several experiments that, without being science fiction films, have been able to circumvent the security of these systems by simulating fingerprints and other similar systems. One of the most prominent cases of recent times was the hacking of the retina system of the new Galaxy S8.
An unconventional procedure for which he only needed a few lenses and a photo. Signal that much remains to be done by security engineers when it comes to completely securing their devices, especially given the diversity of creative attacks that these devices can receive.