Within hacking culture, certain methods to break into IT systems hold more weight than others. News about complex, daring, and sophisticated attacks result in greater respect from other hackers. When this respect is conveyed on underground discussion forums, it becomes a badge of honor. Over the last few years, physical security hacking has become an activity worthy of praise in the cybercrime community, and it is important to understand why.
Let’s say a hacker is able to take down an e-commerce website running on an old version of the Drupal content management system (CMS). If the hacker pulls off this attack with a malicious script she downloaded from underground forums, she will be dismissed as a “script kiddie.” If she coded her own zero-day exploit based on a vulnerability unknown to Drupal CMS developers, she will be worthy of praise. If she was able to physically break into the server hosting the target website, she will be treated as an elite hacker.
There was a time when social engineering was considered to be the pinnacle of hacking. These days, hackers consider physical hacking to be the ultimate technique in systems penetration. In essence, physical hacking consists of exploiting vulnerabilities of devices that physically connect to the Internet of Things (IoT). These devices may include smart refrigerators, IP surveillance cameras, network printers, smart toys, and many others. A hacker who is able to break into these devices may be able to follow the connection all the way into business data networks. All the same, hackers who break into office networks may be able to exert control over IoT devices.
As previously mentioned, physical security breaches are currently at the top of the hacking totem pole, and this is a good way to describe a vulnerability recently discovered in relation to Konica Minolta multi-function printers, which happen to be popular in busy offices where considerable printing takes place on a daily basis.
SynchroNet security specialists who reviewed the research on the two Konica Minolta printer models affected were surprised to learn that connecting USB keyboards to the machines gave users administrative privileges. Since the onboard display of the printers uses Google Chrome in kiosk mode as the user interface, all an attacker had to do was press a function key on the USB keyboard to escape the sandbox environment. At that point the hacker could also point the browser to an external website complete with an interface that asks for corporate username and passwords. Thankfully, these vulnerabilities have been addressed and fixed by the manufacturer since early 2021.
Information security audits completed by SynchroNet technicians will always have physical security in mind. To learn more about our IT services, please contact our office today.