Smartphone can hack 3-D printer to steal intellectual property

New York: The sophisticated gadgetry in smartphones makes them ideal tools to steal sensitive data from 3-D printers, says a study.

That’s according to a new University at Buffalo study that explores security vulnerabilities of 3-D printing, also called additive manufacturing, which analysts say will become a multibillion-dollar industry employed to build everything from rocket engines to heart valves.

“Many companies are betting on 3-D printing to revolutionise their businesses, but there are still security unknowns associated with these machines that leave intellectual property vulnerable,” said the study’s lead author Wenyao Xu, Assistant Professor at University at Buffalo in New York.

Unlike most security hacks, the researchers did not simulate a cyberattack. Many 3-D printers have features, such as encryption and watermarks, designed to foil such incursions.

Instead, the researchers programmed a common smartphone’s built-in sensors to measure electromagnetic energy and acoustic waves that emanate from 3-D printers.

These sensors can infer the location of the print nozzle as it moves to create the three-dimensional object being printed.

The smartphone, at 20 centimetres away from the printer, gathered enough data to enable the researchers to replicate printing a simple object, such as a door stop, with a 94 per cent accuracy rate.

For complex objects, such as an automotive part or medical device, the accuracy rate was lower but still above 90 per cent.

“The tests show that smartphones are quite capable of retrieving enough data to put sensitive information at risk,” co-author of the study Kui Ren, Professor at University at Buffalo, said in a university statement.

The richest source of information came from electromagnetic waves, which accounted for about 80 per cent of the useful data. The remaining data came from acoustic waves.

The detailed findings will be presented at the Association for Computing Machinery’s 23rd annual Conference on Computer and Communications Security in October in Austria.

IANS