A team of research scientists from the University of California, San Diego, the University of Michigan, & Johns Hopkins University has discovered numerous security vulnerabilities in full-body backscatter X-ray scanners deployed at U.S. airports. The team is scheduled to present its findings publicly Thursday, August 21, 2014 at the USENIX Security Conference.
In laboratory tests, the team was able to successfully conceal firearms & plastic explosive simulants from a backscatter X-ray machine deployed by DHS & TSA at US airports. The team was also able to modify the scanner operating software so that it presents an “all-clear” image to the operator even when contraband is detected. “Frankly, we were shocked by what we found,” said J. Alex Halderman, Professor of Computer Science at the University of Michigan.
“A clever attacker can smuggle contraband past the machines using surprisingly low-tech techniques.”
The researchers attribute these shortcomings to the process by which the machines were designed & evaluated before their introduction at airports.
“The system’s designers seem to have assumed that attackers would not have access to a Secure 1000 to test and refine their attacks,” said Hovav Shacham, a Professor of Computer Science at UC San Diego. However, the researchers were able to purchase a government-surplus machine found on eBay & subject it to laboratory testing.
Many physical security systems protecting critical infrastructure are evaluated in secret, without input from the public or independent experts, the researchers said. In the case of the Secure 1000 backscatter X-ray machine, secrecy did not produce a system resistant to attackers who study & adapt to new security measures. “Secret testing should be replaced or augmented by rigorous, public, independent testing of the sort common in computer security,” said Prof. Shacham.
Repurposed to jails, courthouses, & other government facilities… while researchers have suggested changes to screening procedures that can reduce, but not eliminate, the scanners’ blind spots… “Any screening process using these machines has to take into account their limitations,” said Prof. Shacham.