printers in high-rise office buildings could potentially be hijacked by hackers with the use of unmanned aerial vehicles to steal confidential documents.
first reported the researchers wired, Singapore-based demonstrated how malicious actors, armed drone and a mobile phone capable to intercept the documents sent to the Wi-Fi printer that’s otherwise inaccessible to the outside world.
installation consists of a UAV, which is used to transport a mobile phone, on which there are two different applications developed by student researchers Jinghui Toh and Khatib Muhammad led Yuval Elovici, head of iTrust, cybersecurity research center at Singapore University of Technology and Design .
One of the applications is called cyber patrol and actively seeking public printers Wi-Fi, before you can use to protect against attacks firms disclosing sensitive devices. The second application is doing the same thing, but for the establishment of a fake attack on the access point and use it as a springboard for attacks.
The application works by scanning the open SSID of the printer IDs and IDs SSID company. Of those, he can determine the name of the company plus the printer model, and intercept documents he masquerades as a printer and a power range of computers to connect to it, and not a real printer. Then he steals any documents sent to the printer.
expansion of the zone of attack
“The main thing is to develop a mechanism to try to patrol the perimeter of the organization and find open Printers from outside the organization,” says Elovici. “It’s dramatically cheaper than the usual test of the pen.”
Currently, the area is an attack on the drone is limited to 26 meters, although that can be significantly expanded by anyone with enough know-how. The method is also limited by the range of the printer.
- How drones work