We are always very much sure about this thing that if, our office is on the 35th floor or 40th floor of that building, where we are woking then we are totally secured from the WI-FI or internet hackers as they cannot steal any of your important and official data.
But my friends we are totally wrong as in Singapore a research has been proved that with the help of a mobile and a drone, Very smoothly hackers could seize the all important official documents who were sent to that WI-FI Printer which was surely unreachable for attackers. In fact the way they discover for this is advised to support the organizations to decide easily and cheaply if susceptible open Wi-Fi devices available with them who can be obtained from sky. But by the corporate spies the same technique could also be used.
The drone is a carrier which is used to barge the mobile which has two various apps designed by the researchers. One app is called the Cybersecurity Patrol, which disclose the Wi-Fi printers which are using some where and can be used for opposing task to disclose sensitive devices and inform the organizations that they are ready for invasion. The same function is performed by the second app that is detection, but with the intention to attack. As soon as the WI-FI printer detects by the drone it app uses the mobile to setup an access point which is actually false that imitate the printer and then documents will be hijacked who was proposed for the actual device.
“Yuval Elovici” who is head of the iTrust which is cybersecurity center of research at the Singapore University of Technology and Design, says that there are many high rise building or towers in Singapore and it will be really challenging to hack any information from the 35th floor with your laptop depends on the physical connection but for a drone it is very easy task. It is the Prime motto of research, to cover that physical breach so that scan of whole organization can be smoothly done and attack can be performed on accessible devices.
Under the directions of Yuval Elovici, Two researchers Hatib Muhammad and Jinghui Toh develop this method of hacking. According to them Wi-fi printers were their center of attractions as thet are very weak targets in offices.It has been send that these days by default most of wireless printers are coming woth open wireless coneection but the manufacturing companies forget this thing that open wireless network is an invitation to hackers that come and get important data by unauthorized way.
In order to demonstrate it they take Samsung mobile and a drone from DJI that is firm from China. App installed in their mobile search SSIDs of compant and open wireless printer because the app can scan the model of printer and as well as they can recognise the company’s name. then it acts like printer and rather than connect to the actual printer, It forces the nearest laptop or computer to connect with it. it will takee only few seconds to seize or hijack the document and with the help of 3G network, immediately this app on mobile will send seized information on the dropbox account of the hijacker and at the same time the same iformation will be send to the actual printer so that victum should not aware the data has already beenb hacked.
The radius of zone of attack is just 26 meters. According to Elovici, with the help of committed tools, Attacking range can be increased and powerful signals can be generated. Under the attacking area any system can connect to a false printer rather than actual one.
The primary motto of this research is to demonstrate that to oppose them that you do not need to locate near to any wireless device so that your data should be hijacked because attacker can control their drones from anywhere, near to your office or mile away from your premises.
As per Elovici, a printer has 30 meters of normal range. Drone required to do scan the all devices in the building who can be accessed easily, but it totally depends upon the particular device’s wireless signals.
However, it was not important to convert mobile in a false printer.
They oppositely arrange the protocols of printer which was communicating to system in order to send documents, After the purchase of HP6830 printer, Afterwords they implanted the samsung mobile so that Dedian operating system can install on it. They wrote python codes for the app, which pretend as HP printer.
Every organizations who want to know that how many accessible devices are there, they can attack no them by installing app of Cybersecurity Patrol over the mobile phone and then connect it with drone in order to scan the premises or office for unsafe wireless devices and printers. As i have explained earlier that drone is not necessary to perform this task.We can attach a mobile phone with that app and with a robot vacuum cleaner and leave it inside the office so that it can scan accessible devices as also clean foor of company.
The main focus of this research to develop a structure who can guard the boundaries of the Premises or building and search for all open devices and printers from outside of buiulding. It’s relatively reasonable than a triditional pen test.