Category Archives: Vulnerabilities



  • 13

“Printers Beware”

Dear Blast Readers,

 

Did you know that 54% of employee’s say that they do not always follow the security policies put into place by their company’s Information Technology departments? * Did you know that about 51% of employees who have a printer, copier, or a multi functioning printer (MFP) at their work place say that they have copied, printed, and/or scanned confidential documents at work before? *

 

With cyber threats on the rise, it is not a shock that even printers are not safe from cyber attacks and data breaches. If a printer is connected to a wireless network and is unsecure, then it is open to hacking. Once compromised, other devices connected to the same network are left vulnerable.

 

How can a hacker gain access to a network using an unsecure printer?

 

One way a hacker can gain access to your unsecured printer is if the firmware is out-of-date. This allows the system to accept malicious lines of code. The hacker can then use the code to gain access to:

  • Print Jobs.
  • The user’s computer.

 

Another way a hacker can gain access to your unsecured printer is using a drone. Along with a drone the hacker would need a mobile phone and two applications. The two applications would do the following:

  • The first application identifies all wireless printers
  • The second application deploys malware into the printers.

 

So how does this type of drone attack occur?

 

Firstly, the hacker would fly a drone using a smart phone into position outside of an office building. Once into position, the hacker activates the two applications. Once the first application scans for open Wi-Fi printers, the second application establishes a fake access point (one that mimics the real device). Once established, the fake access point is then able to intercept documents that have been sent to the real device. With network access gained, the hacker can then in-bed malware into the company’s network.

 

When malware is installed within the network, hackers can gain access to your servers and documents by:

  • Accessing sensitive and/or confidential information.
  • Changing the printer’s settings or LCD readout.
  • Launching DoS attacks (Denial-of-service attacks).
  • Using the printer to receive and transmit faxes.
  • To send unauthorized print jobs.
  • Retrieving saved copies of documents.
  • Eavesdropping on network printer traffic.

 

To take preventative measures against attacks on your printers Some typical prevention procedures include, but are not imited to:

  • Educating Employees on the importance of security
  • Defining what constitutes a secure password
  • User identification (with PINs and other verification) for printer usage.
  • Data encryption protocols (to prevent interception of data across the network).

 

If you any questions relating to Firmware, Network Security, Printer Security, Cyber Security or Computer Forensics contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please feel free to visit our website at www.FDS.Global.

 

 

*(The statistics represented in this blast were identified from: Network, C. (2013, February 07). The Hidden IT Security Threat: Multifunction Printers. Retrieved April 25, 2017, from https://www.forbes.com/sites/ciocentral/2013/02/07/the-hidden-it-security-threat-multifunction-printers/#b615affb615a )*


  • 0

“In A Day Where Everything Is Getting Smarter, It Might Be Smarter To Play Dumb”

Dear Blast Readers,

 

Did you know that 6.6 million people in the US are stalked every year*? Only 1 in 5 victims are stalked by strangers*. 85% of stalking victims know who their stalkers are*. Did you know that there are 78% of stalkers use more than 1 approach when it comes to stalking their victims*?

 

We live in a day and age where technology is continuing to get smarter. With technology getting smarter so are the cyber criminals. Today Cyber criminals are always looking for vulnerabilities and back doors to provide access to his or her next victim.

 

Recently, vulnerabilities in cyber security have been found hiding and lurking in the shadows of smart appliances. Some examples of smart appliances include:

  • Smart Refrigerators
  • Smart Slow Cookers
  • Smart Dish Plates

 

Smart Refrigerators can have 3 built in cameras, that allow you to see inside of the Refrigerators from where ever you are. They also can have the capability of streaming music, streaming videos, as well as sharing calendars, notes, memos and pictures. The Smart Refrigerators can also have voice activated features. If these refrigerators fell victim to a hack attack, then hackers would have total control over all the features.

 

By hacking the Smart Refrigerators, hackers can then peer into your life. Watching you, your spouse, and even your children with the help of the video feed that comes from the Smart Refrigerators cameras.

 

Also, they can listen to every conversation going on inside your home because of the voice activation speakers (the speakers that help to refrigerator listen and respond to your commands).

 

The Smart Refrigerators can also share calendars, notes, memos and pictures. If a hacker was to gain access to this information, it could be sold on the dark net to someone with malicious intent. But, you could also be stalked. With this information, a stalker would know your schedule, know what your family and friends look like, where your favorite places are, among other things.

 

A Smart Slow Cooker is another smart device that cyber criminals and/or hackers could use to their malicious advantages. Being a Bluetooth connected device allows the Smart Slow Cooker to connect to smartphones (both Android and iOS devices), and tablets that have the Smart Slow Cookers application. From this application, you can control all the features, including:

  • Adjusting the temperature
  • Turning the Smart Slow Cooker on/off

 

With access to the Smart Slow Cookers, hackers would be able to get into the application and mess with the settings. They would be able to turn it on and off as they pleased, they would also be able to control the heat settings, possibly being able to blow the power source creating a fire. Hackers would be able to do all of this without the consent or knowledge of the device’s owners.

 

Do you wear a fitness tracker on your wrist consistently? Do you monitor your caloric intake with said device? Did you know there is a Smart Dish Plate that can help you track your eating habits and calorie intake? The Smart Dish Plate is Bluetooth and Wi-Fi connected. It connects to your smartphone, via application, and your fitness tracker. It also has 3-mini built in cameras.

 

If hackers and/or cyber criminals were to gain control over this device, then it is likely that your phone and its data will be targeted as well. This leads to the possibly that this data could be sold on the dark net.

 

With the 3-mini built in cameras, hackers would also be able to spy on you through the camera feed.

 

By gaining access to the smart kitchen appliances, hackers can do many things without your knowledge or consent. They can control the device and all its features and they can also gain access to any other internet connected device connected the same network, including:

  • Smartphones
  • Tablets
  • Computers
  • Alarm systems

 

If you have any questions about hacking or cyber security contact FDS Global. You can reach us at our office at (954) 727-1957 or by email at RMoody@FDS.Global. Please Feel free to visit our website at www.FDS.Global.

 

 

 

*(The statistics represented in this blast were identified from: Stalking Information. N.p., n.d. Web. 17 Apr. 2017.)*