A scanner darkly: how your flatbed could be at risk from a smart bulb

Or a laser-toting drone…

Increasingly of late, we’ve been hearing about how various pieces of hardware can be hacked in improbable sounding ways – like your monitor, for example – and here’s another: your scanner could potentially be compromised via a smart bulb.

Yes, you read that correctly. There are caveats here, as you might expect, one of them being that the flatbed scanner has to be left with its lid open, because in this case, it’s sensitive to changes in the light levels of the surrounding area.

And a would-be attacker could exploit that fact and leverage the scanner as a backdoor onto a company network, using something as simple as a smart light bulb which is installed in the same room.

This comes from a paper – ‘Oops! I Think I Scanned Malware’ – authored by researchers at the Ben-Gurion University of the Negev and the Weizmann Institute of Science, both of which are in Israel.

Drones with frickin’ laser beams

The scientists successfully used a direct laser light to transmit a message that triggered malware on a PC via a connected flatbed scanner, with the laser being situated up to half a mile away, or mounted on a drone hovering outside the office building.

And in a second case, the researchers managed to use a Samsung smartphone to hijack a smart light bulb (via Wi-Fi) located in the same room as the scanner, and then used a program to get the bulb to emit pulses of light which triggered the malware just as in the above situation.

Note that this is using the smart bulb to trigger malware already installed on the networked PC, but it’s still a worrying lesson in how vulnerabilities can pop up in the most unexpected places.

As Science Daily reports, lead author of the paper, Ben Nassi, commented: “We believe this study will increase the awareness to this threat and result in secured protocols for scanning that will prevent an attacker from establishing such a covert channel through an external light source, smart bulb, TV, or other IoT (Internet of Things) device.”

Currently recommended mitigations for this flaw include the suggestion of connecting the scanner to the company network via a proxy server, which would block the establishment of the covert channel used to send the message by the attacker.

Presumably it’s also a good idea to simply make sure the scanner lid is kept closed when not in use – that certainly wouldn’t hurt (and keeps the dust out anyway, so it’s good practice full-stop).

Not so long ago, we heard news of a worm capable of spreading itself swiftly across Philips Hue bulbs, all of which begs the question: are connected light bulbs really a smart idea?