Printers in high-rise office buildings could potentially be hijacked by hackers using drones to pilfer confidential documents.
First reported by Wired, Singapore-based researchers demonstrated how malicious actors armed with a drone and mobile phone are able to intercept documents sent to a Wi-Fi printer that's otherwise inaccessible to the outside world.
The setup consists of a drone that's used to transport a mobile phone on which there are two different apps designed by student researchers Jinghui Toh and Hatib Muhammad under the guidance of Yuval Elovici, head of iTrust, a cybersecurity research centre at the Singapore University of Technology and Design.
One of the apps is called Cybersecurity Patrol and actively looks for open Wi-Fi printers before being used defend firms against attacks by uncovering vulnerable devices. The second app does the same thing, but is intended to attack by establishing a fake access point and using it as a springboard to launch an attack.
The app works by scanning for open printer SSIDs and company SSIDs. From those it can identify the name of the firm plus the printer model, and to intercept documents it masquerades as a printer and forces nearby computers to connect to it instead of the real printer. Then it steals any documents that are sent to be printed.
Attack zone expansion
"The main point was to develop a mechanism to try to patrol the perimeter of the organisation and find open printers from outside the organisation," Elovici says. "It's dramatically cheaper than a conventional pen test."
Currently the attack zone for the drone is limited to 26 metres, although that can be extended considerably by anyone with sufficient know-how. The method is also limited by the range of the printer itself.