Walk-through metal detectors (aka the ones which you often see at public places like airports) seem to be pretty simple machines. You walk through them, they detect anything metal on you (or don't), and that's it. Right?
Well, it turns out nothing is that simple with these detectors. That's because, according to Gizmodo, these machines have several security flaws that render them vulnerable to tampering from hackers.
When exploited, the flaws in walk-through metal detectors would allow hackers to take them offline, read their data or alter it, and basically mess everything up about them.
Metal detectors that suffer from this vulnerability are notably made by a well-known US-based company called Garrett. These detectors are pretty ubiquitous these days as you can see them wherever there is a need to defend against deadly metal-based weaponry.
According to researchers from a firm called Cisco Talos, Garrett uses an iC module in their detectors that give the machines network connectivity. This module, as per their research, can be manipulated to serve a wide variety of illicit purposes.
There were seven different vulnerabilities discovered in the iC modules of specific Garrett metal detector models: the PD6500i and Multi-Zone, writes SecurityWeek.
But despite the potential dangers, Talos did say that those who rely heavily on the machines can protect against hackers simply by updating the firmware. This is due to the Talos researchers actually notifying Garrett of the vulnerabilities. And as of December 13th, the company has purportedly already fixed the issues.
In security terms, hackable walk-through detectors are bad news. However, as per the original Gizmodo report, the chances of hackers actually tampering with these machines are few and far between.
Walk-Through Metal Detectors, Log4J: It's A Burgeoning Hacking Epidemic
It seems like the world is now fighting two types of pandemics at once: one of a biological nature, and the other a more digital one. As such, hackable walk-through metal detectors seem to be quite expected for the moment.
One can assume this is due to the discovery of the Log4J exploit. For the uninitiated, Log4J is a tool that lets software developers "log" important events and errors in their programs. However, the problem with it is that hackers with the right skillset can "manipulate" the tool into running bad code.
The result is what looks to be a new hacking epidemic, and the numbers don't lie. Merely three days after being discovered, Log4J was used in 840,000 cyberattacks with breaches coming at as many as 100 attacks every single minute.
One of the biggest issues with the Log4J tool is its ubiquity. A lot of big tech companies actually use the tool, including the likes of CloudFlare and Microsoft. As such, cybercriminals now have potential access to millions upon millions of devices all over the world.
This is the same issue with Garrett's walk-through metal detectors: the commonplace nature of their hackable iC modules. And it's something that no one should take lightly.
Related Article : Crypto Heist Hacker Gets Job Offer from Poly Network after Stealing $600M and Returning It
This article is owned by Tech Times
Written by RJ Pierce