Welcome back to the Printing Security Intermediate course. In this lesson, I'm going to continue talking about the potential damage that can be done by a printing device. I'm going to talk about firmware upgrade attacks, embedded web server hacking, and obsolete device data leaks.
Firmware upgrade attacks are, in their essence, similar to a rootkit attack or a BIOS virus on a PC. We have a piece of malware that can be installed on a device during a firmware upgrade, so you can create firmware that contains, among other things, malicious code. It provides the full functionality of the printing device as normal, but it also does some nasty things.
It's relatively easy to perform, as it only requires access to the device. For example, if you have access to a PC that can connect to the device, and the device is not sufficiently secured, you can just start the firmware upgrade procedure from the PC. It takes between 10 and 20 or 30 minutes, depending on the device and the speed of the network, and once you do it, you have your malware installed.
It can also be done at the device itself, if the device is not secured against being firmware-upgraded from the USB port, which is something that most of these devices have. So if there is a possibility to upgrade firmware from the device, it is very easy to do. You just plug it in and start the firmware upgrade procedure; 15 minutes to half an hour later, the device is yours.
As for how easy it is to make such malware, that's a completely different story. It's relatively difficult, if not very difficult, because you have to have knowledge of the operating system of the device you're writing the malware-infested BIOS for. You have to do the whole procedure of putting in all the things that allow the BIOS to be installed, for example the CRC check and so on, so it has to look like a legitimate BIOS to the printer in order to be installed. Such protection doesn't exist on all printing devices, though, especially on some older ones, which are still in use.
In terms of the damage that you can do with this, it is the absolute maximum. You can install an invisible spy in the network, which is almost impossible to detect unless through very detailed and very intelligent analysis of network traffic. Also, that software can pretty much do anything. There is enough space on the hard drives of most printing devices today to install a serious piece of software that can do mail sniffing and network sniffing, at the same time collect data from data shares, convert print jobs to PDFs and send them outside, all that stuff. So it can be easily done if you know how to write the code.
So that is about firmware upgrade attacks. The second one I'm going to talk about in this lesson is embedded web server hacking attacks. These are essentially easy to execute. You just have to be in the network and type the IP address of the printing device in your browser, and you get into the embedded web server of the device. If that embedded web server is not protected, and the measures for that I'm going to talk about later in this course, then you have access to pretty much anything on the device, and you can install firmware, or you can install an application or plug-in that can do some damage.
The good thing is that this is relatively easy to protect against, and the damage that can be done is small to medium, unless you do the firmware upgrade, because in that case it's the absolute maximum damage that you can do. So from just having access to the embedded web server by itself, there is not much damage, but you can do indirect damage through changing settings and through activities you can do from the embedded web server.
The final thing that I'm going to talk about in this lesson is data leakage from discarded devices. First thing: if you go to YouTube, you'll find a very old video about a person who was buying old copiers from a vendor that specializes in second-hand devices, and he found a huge amount of confidential information on the hard drives of the devices. He was using only publicly available software, so no actual hacking expertise was needed. You just go, you buy them, you take their hard drives and you look at what's on them.
In order to prevent it, you should have a secure erase of the hard drive that has to be done periodically. You should also put encryption on these hard drives. Some devices have hardware-encrypted hard drives already installed, which is a plus, but not all of them, not even the brand-new ones. So it really depends on the vendor and the price of the device itself, because these things have a tendency to make devices more expensive.
But the best thing to do is to perform physical destruction, so you physically destroy the hard drive. The only problem is, if you do that, then you cannot sell your printing device second-hand, because then a new hard drive would have to be installed. I know some companies that have a policy that no hard drive can leave their premises intact. But then you have a problem with finance and with the people in facilities who want to extract some money from selling old devices. So this is a tricky thing, but if you cannot do physical destruction, which is absolutely the best thing, you can do encryption and secure erase, which is pretty much a good thing.
So in this video, you have learned the details of three different device attacks and some protection against them, especially when it comes to preventing data loss from old printers.
In the next lesson, I'm going to talk about the differences between printers and MFPs and the impact that those differences have on IT security.