Hackers can now attack from the air by fixing a mobile phone to a drone. Researchers from the Singapore University of Technology and Design have added a new threat level to the possibilities of hacking; handily stealing documents from a wi-fi printer by posing as the printer itself and grabbing anything sent to it.
The experiment was not carried out in the wild, but to help companies discover if their wi-fi devices are vulnerable. That said, if such an experiment is possible in a controlled environment then it's also possible for corporate spies, malicious parties and hackers.
Many printers, among other devices, contain default wi-fi technology that, as many forget to change, makes it easy for hackers to get into systems and cause mayhem.
Using the drone as a ferry, the researchers developed two iPhone apps to attack the insecure wi-fi devices. the first, called Cyber-security Patrol, detects wi-fi printers for defence and the second, detects them for attack. Once this second app has found the compromisable device, it impersonates the printer in order to catch the documents that an unsuspecting user might send to the printer.
The hacking drone is made of a drone from DJI, a Chinese firm, and a regular smartphone and can discover and mimic devices within nearly 30 metres. That said, the drone allows the physical access that might allow attackers the mobile element that normal physical access cannot provide.
Yuval Elovici, head of iTrust a cyber-security research centre in Singapore told Wired online that while it would be difficult to get physical access to many valuable systems in Singapore on account of its many skyscrapers, “a drone can do it easily. This is the main point of the research, closing the physical gap with [a] drone in order to launch the attack or scan easily all the organisation [for vulnerable devices].”