Your Printer Might Be the Next Target On the Hacker's List

Believe it or not, the computer criminals have found a way to extract important and confidential data from a device as simple as a printer. The printer which traditionally performed menial tasks of printing pages and scanning documents has evolved into a highly sophisticated machine which can send and receive e-mails. Some of them can even browse the web. Despite all these up gradations, the manufacturers have paid the least bit of attention towards the security aspect of these humble printers. Such inefficiently  protected printers can be even made to work together as a single unit and this network can act as online storage for Cyber crooks!

[​IMG]The ShmooCon hacking conference, which is scheduled this week in Washington D.C., will witness two presentations by two researchers demonstrating the vulnerability of printers and how easily they can be hacked to breach a company’s secure network. Deral Heiland, who is going to give one of these presentations, has previously worked as a “penetration tester”. A penetration tester is a guy whose job is to hack into a firm’s system under controlled conditions. "These devices have gone from being standard, simple printers that got on the network to the point where they are totally integrated in the business environment," Heiland was quoted by the Technology Review "And that heavy integration is what makes them a premium target."

At this year’s ShmooCon, Heiland is going to explain about a program called ‘Praeda’ which means ‘to plunder’ in Latin. This program mainly exploits the commonest of security loopholes such as default access codes to get entry into the printers while remaining outside the company’s network. Once the printers are infected, they can be controlled to hack the whole network. As soon as this tool gains access into the network, it becomes capable of robbing a lot many passwords giving it access to other machines and servers. According to Heiland, simple configuration settings play a major role in making printers susceptible to attacks because these passwords are not secret and can be easily found in manuals posted online. Printers that can be accessed through web run the risk of letting a knowledgeable attacker steal passwords.

The another presentation regarding this topic will be presented by researcher Ben Smith will demonstrate another program called “PrintFS”, that instantaneously gathers information about the vulnerable printers in a LAN via internet and transforms them into a storage unit.

So if your printer has got an IP address and is connected to your network, then you should be concerned about its security.

Replies

You are reading an archived discussion.

Related Posts

Having a space crunch? Here is a solution to that problem. The new concept of POWER TEMPLES has been revolutionary in the field of electrical engineering. The installation is covered...
For those who love to stay close to nature, Roof garden may be the closest option these days. In the present scenario where most of the people in urban areas...
Mankind has not unraveled the mysteries lying deep inside the oceans and seas across the globe. Till date, about 90% of the ocean floor is unexplored and untouched by human...
As expected the battle of the tablet PCs is heating up in India. Samsung launched their Samsung Galaxy Tab late in December 2010 and Apple announced official availability of the...
Forget ASIMO with his awkward movements and non-expressive face. We now have the first of a kind robot with human spinal cord. The robot is developed by the evangelists at...