2 hours 52 minutes
Welcome back to the Printing Security Intermediate Course. In this video, I'm going to continue talking about the attack vectors for printing devices,
and what I'm going to talk about are possible attack vectors. So in the previous lesson, I was talking about the ways that you can influence or infiltrate the,
what you can do to a printing device, and I'm just going to focus now on the attack vectors.
So, unauthorized Internet access. If you have a
device that has Internet access, and pretty much all of them do,
and you haven't closed it for access from the outside because it's not a PC, so you weren't paying attention, or you weren't thinking that this could be a problem,
then, if the device is accessible from the Internet, this is the most common vector. For example, an attacker can, and this is what I was talking about, update the device BIOS or firmware, adding some malicious things to it.
They can change security settings on the device,
making it easier to be accessed later, or they can install malicious apps. And you see here that, for example, we have some accounting and access control app on this device. And
if this can be installed, then somebody can write something like this.
What is very important with what you can see on this screen, which is basically taken from a
real device, is that
this is a third-party application. So this is not written by a vendor. So if somebody like a third party can get the knowledge of how to write an application for the printing device,
then that means that that knowledge is no longer contained within the printing vendor's environment, so it can easily spread outside.
The other vector is to access the device through the company network,
which happens when security measures on the device are not implemented. And in that case, an attacker can update the device firmware as well,
so they can do whatever they can. This is how it looks on one of the HP printers that I own. You can change security settings on the device, you can install a malicious application, like if the device is accessible from the Internet, and you can deny usage of service.
And all these things are essentially a problem for the administrator if there is somebody already inside the company network as well. So why would somebody that already has access to the network do something like this? The reason is
that in this case, the
they have a higher chance of not being detected
because people usually don't look at printers in that much detail. So if you want some staging ground for a further attack to be done, this is one of the ways, if you have the knowledge, to do it very, very discreetly, and Carol currently,
so the next thing you can do is, if you have physical access to the device, you can do a firmware update via USB. So if you
happen to be inside the
corporate building, there is a hallway printer
and nobody's watching, you can come to the device.
And, of course, if the USB ports on the device are accessible,
you can install malicious apps, you can update firmware, and you can change security, and pretty much all the things you can do from the
outside. So it's just much easier. It takes less time, and if you're inside, it's usually 5 to 15 minutes. If you pretend to be a service technician, nobody will bother. So these things happen.
And at the end we have the print job attack. It can be done with spear phishing, so basically convincing somebody to print something on a printer, and that print job is essentially a malicious
file. Or you can do something like having somebody inside the company do it for you.
In that case, you can do all these things that you have
been able to do if you're on the network.
The only thing is, it's much harder to detect because you're simply sending a print job to the printer, which is something everybody is doing all the time in the company.
So at the end of this story about attack vectors on printers, let's just
do a quick
learning check, and the question is: what can be done using a USB flash drive? So,
can you disable the embedded web server password? Can you install apps? Or can you install new BIOS?
and the correct answer is
that you can disable embedded web server. You can't disable the embedded web server password using a USB flash drive. For that you have to
essentially access the embedded web server of the device or have physical access to it and do the cold reset.
In this video we have learned about the remaining possible attack vectors that can be used to compromise a printing device. And in the next lesson, I'm going to talk about general best practices for printing device security.