Time
2 hours 52 minutes
Difficulty
Intermediate
CEU/CPE
3

Video Transcription

00:00
Welcome back to Printing Security Intermediate Course In this video, I'm going to continue talking about the tax collectors for printing devices
00:08
and what I'm going to talk about a possible attack director. So in previous lesson, I was talking about the ways that you can influence or infiltrate the
00:21
what you can do to a printing the rice and I'm just going to croak was now on the attack collectors.
00:26
So unauthorized Internet success. If you have ah,
00:31
the wise that has interim success, and pretty much all of them are,
00:37
and it's not. You haven't closed it for assets from the outside because it's not the PC. So you weren't paying attention, or we were thinking that this could be a problem
00:49
then, if the device is accessible from the Internet on this is the most common vector. For example, attack can attacker can and what I was talking about, that they can update device bias, former adding some malicious things to it.
01:03
They can change security settings on the device,
01:07
making it easier to be accessed later or they can install militia saps, and you see here that, for example, we have some accounting and access control up on this device. Um, and, uh,
01:26
if this can be installed, then somebody can write something like this.
01:30
This is very important with what you consumed on this screen, which is basically taken from the
01:37
rial device, is that
01:42
this is third party application. So this is not written by a vendor. So if somebody like 1/3 party can get knowledge how to write on application for the printing device,
01:55
then that means that that knowledge is not no longer contained with within the printing renders environment, so it can be easily spread outside.
02:07
Thea Other Vector is to access the device to company network,
02:13
which is happening when security measures on the device or nothing implemented. And in that case, attacker can update device firmer as well,
02:21
so they can do whatever they can. This is how it looks on one of the HP printers that I own. You can change security settings and advise you can install malicious application like if devices accessible from the Internet, you can deny usage of service.
02:42
And these old things are essentially a problem for administrator. If there is somebody already inside the company network as well. So, um, why would somebody that can already have access to the network do something like this? The reason is
03:01
that in this case, the
03:04
they have a higher chance of not being detected
03:07
because people usually don't look at printers in that much detail. So if you want some staging ground for further attack to be done, this is one of the ways that if you have the knowledge to do it very, very discreetly, and Carol currently,
03:24
um, so the next thing you can do is if you have physical access on the device, you can do firmer update. Why USB? So if you
03:35
happened to be inside the
03:37
corporate building, there is a whole way printer
03:39
and nobody's watching. You can come to the device.
03:46
And, of course, if USB ports on the wiser, accessible
03:49
you can install Militia accepts, you can update firmer, Um, and you can change your story and pretty much all the things you can do from the,
04:02
um,
04:04
outside. So it's just much easier. It takes less time, and if you're inside, it's It's usually 5 to 15 minutes. If if you pretend to be a service technician of the will bother. So these things happen,
04:19
and at the end we have print job attack so it can be done with spearfishing. So basically convincing somebody to print something on a printer and that print job is essentially a malicious
04:34
file. Or you can do something like having somebody inside the company do it for you.
04:44
In that case, you can do all these things that you have
04:48
being able to do if you're on the network.
04:51
The only thing is, it's much harder to detect because you're simply sending a print job to the printer, which is something everybody is doing all the time. The company.
05:04
So at the end off this story about a tax, collectors on printers logistics
05:15
do a quick
05:17
learning check, and the question is what can can be done using USB flash drive. So
05:24
can you disable the embedded Web server password? Kenyon stole Lapse or canyon? Still new bias
05:31
and the correct answer is
05:33
that you can disable inventive observer. You can't disable embedded observer password using us before. Sure I. For that you have to
05:44
essentially access the investigator of the device or have physical access to it and do the cold. Recent
05:55
this video we have learned about the remaining possible attack factors that can be used to compromise a printing device. And in next lesson, I'm going to talk about general best practices for printing device securities.

Up Next

Intermediate Printing Security

The Intermediate Printing Security course is intended for IT and cybersecurity professionals that want to learn how to secure print devices.

Instructed By

Instructor Profile Image
Milan Cetic
IT Security Consultant
Instructor