2 hours 52 minutes
Welcome back to Printing Security Intermediate course on. And in this lesson I'm going to talk about potential damage that can be done by printing device.
So part of this lesson is going to be a story about how can printing device be used for malicious intent
and then going to talk about in details about print job attacks and P jail script attacks.
So let's ah, let's look at the printing devices are a security risk.
First security risk is that it is not sufficiently monitored.
That is the reason in the fact that monitor tools are render specific. So if you want to look in each and every detail of a device, you need to have ah, software that is made by printing, printer, vendor or printing device vendor.
The problem is that most companies have multi even their environment, which means that
you need to have people that are specialized in each and every one of these tools or software's.
And because this is usually not the case because of the budget constraints, and you can have just one person because that person has to go on holiday sometimes or can be sick
eso you have to have two people, and then usually they're not. Ah,
well, worst in all of these Softwares. So you have a team of maybe 12 maybe three people who are monitoring printing the races.
And they are basically just looking at the most important things which are essentially not the security
things regarding these printers, but just to make sure that fleet dysfunction that people can print.
The second reason why printing the wives have become such a huge risk is because they are
fully capable computing devices. The processors, they have memories. They have storage in terms of hard drives, RSS these or flash drives.
And if somebody messes with their operating system, which is sometimes
ah, proprietary but sometimes can be also something like Windows, I o. T.
Then they can use that device
to attack other devices on the network occurred. The network itself, so it can be used, is the back door as well.
And the fourth major risk that disposed by printing devices is that there is no standardized enter endpoint protection for printers for printing devices.
Again, this comes because off the usual way, the printer vendors are hiding the stuff that they put inside their printers in terms of firmer and bias from other Wenders, because this is something that
helps them take some kind of advantage over competition.
Even if it doesn't, they still tend to
close things up.
So there is no industry standard that can help protect printing devices.
Now, what can be done with the printing device in terms of damage to other parts of fighting system
First, from the device itself, you can have confidential and sensitive information leak.
So if you have, ah, somehow manipulated the,
um, device itself, you can use it toe. See, for example, everything that has been printed on the device, including some confidential information. So if it's ah, financial sector, you can see people's credit card numbers.
If it's a health care, you can see people's,
um, confidential medical records that are being printed for whatever reason on. And also you can just look at find some some regular confidential company confidential information, like maybe payroll lists.
Second, if you're smart enough, and if you have ah, skill enough, you can do the
installed some kind of software on a printing device that can do network sniffing or male sniffing
and even you can use it as a staging ground for other attacks. So basically you can infect Ah printing device with some kind of malware that is not directly dangerous to the device but can spread to other devices like PC's on the network.
And finally, if printing device is not sufficiently
protected, you can use that device is a back door to enter the network
because that device can execute code. So if it can execute code, you can put the code in the device and then use that cold to look around.
So among the types of attacks that exists on on printing devices today,
1st 1 is print job or PG TeleTech
so that their effect toe printing the wise can be compared. Toa, for example, Excel file attack that you can have on the PC
Eso in Excel. You can put some code and then that call their executed. It can go all sorts off.
with the printer is the same thing because some of the page definition languages and I'm going to talk about that later in detail are actually programming languages, which can access memory of a printer and hard drive over printer. So they can, they can do.
They console it there themselves. There they can stay there
perpetually. They can execute code. They can collect information and store it on the hard drive. So anything.
So, depending on the printer model, this kind of job can do small, medium or huge damage.
And when you look at ah, this example on the screen is a typical print job that has been printed that I have printed it on my my PC to my printer,
and you can see some some commands that existing what's called PD L. A page printer, job language, paid job language
and P gel. And, uh, you see that there ist
with that language, you can do quite a lot of settings of a device, So if you don't protect your device from that, you can, for example, open that devise Toby accessible from the outside.
Eso. These are the things that can be done with print jobs and P gels.
And, as I said that they can do medium small or huge damage, depending not only on the printer model but also on the skill off the attacker, because in order to write some kind of code that can execute on the printer.
You really need to know a lot about internal architecture, the processor that the printer using
and similar stuff. And it's ah, different from vendor to render and even between models within the offering, the one vendor.
So at the end of this lesson, let's do a short, uh,
knowledge or learning check, and the question for you is what kind of damage can be Dyba, hecking printer. And the answers are installing backdoor to the network and harder damage male sniffing and social network attack account, hacking or staging ground for future attacks and male sniffing.
The correct answer is staging ground for future attacks in male sniffing. As I said, um, hard, her damages unlikely. Oh, are almost impossible. And male sniffing and social network account hacking is definitely not something that you do from a printer.
So in this lesson, you have learned about how can a print device be used for emission malicious intent?
And how can a print file be used to attack printing device