![[article image]](https://cacm.acm.org/system/assets/0002/6900/032917_www.hastac.org_usingthescanner.large.jpeg?1490805094&1490805093 "Office scanners can pose security risks.")
Researchers from the Ben-Gurion University of the Negev (BGU) and the Weizmann Institute of Science in Israel have found a typical office scanner can be infiltrated and an organization's network compromised using different light sources.
The researchers demonstrated how to use a laser or smart bulb to establish a covert channel between an outside attacker and malware installed on a networked computer, according to BGU researcher Ben Nassi. He warns a scanner with the lid left open is sensitive to changes in the surrounding light and might be used as a backdoor into an organization's network.
The researchers demonstrated using direct laser light sources up to a half-mile away, as well as a drone outside the building, to successfully transmit a message to trigger malware through the scanner.
They recommend organizations connect a scanner to the network via a proxy server, which would prevent establishing a covert channel.
From American Associates, Ben-Gurion University of the Negev
View Full Article