This week, researchers demonstrated again just how easy it is to hack into your printer.
Amusingly, printers have been hi-jacked so they print out materials that go directly to the primary user. Of course, there is also the usual attack objective of stealing user information and your firms intellectual property.
It is simple enough as most of the attacks researchers used involved PostScript malware. PostScript, is a computer language created by Adobe and is used to describe the appearance of text and graphics on a page. PostScript is supported by all major printer manufacturers, therefore, no brand was immune to the hack.
Such attacks can be launched through USB, remotely over the local network, or from the Internet via a malicious website using cross-site printing (XSP) and cross-origin resource sharing (CORS) spoofing.
The researchers also showed how PostScript and Printer Job Language (PJL) can be utilized to access the entire file system on some printers, including passwords for the embedded web server. This vulnerability has been known for several years, but experts say it still hasn’t been completely fixed.
The Helix22 SDK is designed to eliminate just this type of attack.
What makes the Helix22 SDK so revolutionary, is that it’s cryptography is embedded directly with the data regardless of the device being utilized. This of course would include printers and any other connected device. Therefore, your entire system and network would be protected and all data generated, regardless on which device, is automatically protected. Further, any data at rest that is sitting on your printer, or other devices, is equally protected and cannot be exfiltrated, even in the case of a breach.
You see, unlike most other data security products that attempt to build a perimeter to keep attacks from reaching your data, the Helix22 data security SDK embeds with the data at inception and remains in place at all points in the future. This means that all data is 100% protected while at rest, in use and in transit. Most encryption only tries to protect during transmission which leaves data in the clear until the app is opened.
At BLAKFX, we imagine data security issues differently. We start with the premise of where will data security need to be in 100 years and we start building accordingly. The result is a data security tool kit that is universal and has already been proven quantum era ready.
Helix22 delivers “22nd Century Data Security.”
To read more about the research hack on printers, click here:
https://www.securityweek.com/researchers-hijack-28000-printers-show-how-easily-they-can-be-hacked