Print-01

Printers – PC Load Vulnerability

Printers Are Forgotten About

Every office has at least one printer – quite often, a multi-function machine that also scans and faxes. These machines allow us to distribute hard copies of things, print out websites for the older workers to write their comments on, create signs playing practical jokes on Joe from Accounting, and other very important office things. Everyone oohs and aahs when the new printer arrives, but after it’s installed and hooked to the network, no one thinks about it again until one of its consumables needs replacing. The printer becomes almost a piece of furniture – it has a function, but other than that it just sits there. Until it becomes a portal for intruders, that is. Printer Security may be the last thing on your entire office’s mind, but should it be?

Printers Can Be Gateways of Evil

There are many long-running Internet jokes on how printers are evil. In fact, they aren’t really. Sure, they have to be tended to now and again, but it’s normally just for the feeding of paper and ink/toner. What printers can be, though, are ignored gateways for evil to reach into your networks. Think about it: devices are added to networks all the time and we’ve been trained to properly protect and secure them (which is good). But for some reason, we often seem to forget that printers are devices existing on our network, too. We forget that printers have reach to all our computers. We forget to include printers inside our shell of cybersecurity. Many of us have grown up with printers always there (especially when compared to the vast army of IoT products that have been amassing to take money from our wallets in the last handful of years), and just trust them to be there and be safe.

Secure keys for office

How secure is your office hardware?

And this is exactly what infiltrators want us to do: forget to protect our printers. Because if our printers aren’t protected, infiltrators have a gateway from which to invade our networks.

Printers Can be Exploited – Printer Security

Printers, just like any unprotected IoT device, can be exploited in a number of ways. One of the main ways printers can be compromised is through DNS rebinding attacks. DNS rebinding allows malicious attackers to squeeze around your firewall and find and exploit unprotected devices, such as printers. According to a study by Armis, an estimated 66% of printers from all major brands are vulnerable to DNS rebinding – that’s approximately 165 million printers.

Once a printer has been perforated (old school dot matrix joke there), infiltrators can do a variety of things. The first thing they might do is download all the documents being printed, scanned, or cached on the printer. Those could be as simple as business flyer drafts and as dangerous as tax forms and contracts.

But the damage doesn’t stop there. Once they’ve pierced through your printer, evil-doers can spread throughout your network finding more to exploit. From your printer, they can spread like any other network invasion, installing ransomware, taking over systems, and every other bad thing you can imagine.

Fognigma Protects Printers

Want to make sure your printers are safe? The easiest way is to plug it into a little device called a Wicket, which pulls the printer onto your Fognigma-created network. Because your printer is now protected by Fognigma, it can’t be detected by those looking for network vulnerabilities because your entire network can’t be detected. Don’t have Fognigma yet for your cybersecurity? Well, read on to learn more and how it is a game changer in the realm of cybersecurity.

Wicket Printer Setup

A Fognigma Wicket added to a printer

Fognigma enterprise software gives you the power to create truly invisible networks. Fognigma builds secure and traceless networks by using randomly leased components spread out across multiple clouds which function together as one network. Fognigma networks are wrapped in two layers of AES-256 encryption and hide and protect your communications, files, users, network, and yes, even your printers.

Any device connected to your Fognigma-created network doesn’t seem to exist to the world, so won’t be a target for exploitation. As stated before, printers tend to be forgotten about. We plug them in, connect them to our network, and then use them until they are replaced by a new version. Lather. Rinse. Repeat. But now, just as easily as you would connect them to a regular network, you are attaching them into a Fognigma network.

And, also just to make it clear, Fognigma does in fact protect your printer, but it does secure so much more. We focused on printers as an easy-to-abuse access point for violating an organization’s network, but Fognigma protects everything your organization holds dear. It also has many other valuable features, such as obfuscating network traffic, traceless telephony, encrypted file share, and the ability to safely access your Fognigma network from anywhere in the world on any device.

 

Fognigma is ready to protect your organization’s entire network with leading-edge technology. We just wanted to make sure you knew your printers would be safe, too.

Isometric vector Internet hacker attack and personal data security concept. Computer security technology. E-mail spam viruses bank account hacking. Hacker working on a code. Internet crime concept

Defeating Browser Fingerprinting with Fognigma

You’re Always Being Watched Online

As Joseph Heller aptly wrote in Catch-22, “Just because you’re paranoid doesn’t mean they aren’t after you.” This statement accurately parallels the plight of those who take their online security seriously. Many of us concerned with cybersecurity use countless programs and plugins to thwart online tracking, which might seem paranoid to some. But we know the truth: online, they really are after you.

And who ‘they’ are almost doesn’t matter. They are the ones who want to track your every online move. They are the ones who want to know who you are, where you come from, and what you are doing so they can use that information. Sometimes, this info is just used to market to you, or anonymously track where you look on a website so the site’s design can be made more user friendly. By 2020, profits for data about you and your online activities are expected to reach an estimated $210 billion dollars – a compound annual growth rate of 11.9%. But unfortunately, all too often, this data is used by a more nefarious ‘they’ – the ‘they’ cybersecurity attempts to protect you against. The ‘they’ who will find a way into your network, so they can suck the sweet marrow inside, leaving you with just a brittle shell of your company.

How Do ‘They’ Find You?

Everyone knows about all the flavors of cookies that exist out there – regular cookies, evercookies, supercookies – each tracking something about your online activity. It’s even easier to know about cookies now that GDPR compliance is being enforced. But there are other ways you can be tracked online, ways that are often more difficult to detect and stop than cookies. We’re talking about browser fingerprinting.

Browser fingerprinting, in the TL;DR version, is the act of observing online patterns and deducing from where and whom the patterns were created. It’s easier to illustrate by example. Picture your morning. Most likely, you get up at the same time, head to work at the same time, go to work via the same route, work at the same location, eat lunch at the same time (often, at the same place), leave work at the same time, head home via the same return route, and go to bed at the same time. Lather. Rinse. Repeat. Quite quickly, a very distinct pattern (your pattern-of-life) develops – one which can be exploited to figure out things about you and, in many circumstances, to figure out exactly who you are.

Browser Fingerprinting

Daily online behaviors, systems can learn from online routines

Online, it’s the same thing. Whether you know it or not, you have patterns of online behavior – sites you frequent, time of day you check things, location when you are checking, connection type you use, and so much more. Once it’s analyzed, your online pattern of behavior can disclose quite a lot of information about you and, again, sometimes even exactly who you are. There’s only way to fully protect yourself. You must disappear.

Fognigma Defeats Browser Fingerprinting

Imagination time again. Now picture you go to work like normal, except this time instead of going from your home to your work, you appear suddenly at the Eiffel Tower and begin working from there. When it is time for lunch, you eat a delicious meal, but no one sees it happen. To observers, you never had lunch at all. And rather than anyone able to witness your traffic-filled commute home, you simply disappear from your table at Le Jules Verne as if you never had been there at all.

The point is: Fognigma obscures your actual location, movement, and intent. A Fognigma network is built from randomly leased components from cloud providers all over the world combined to form one network. You enter the network through an entry point which may or may not even be in your own country. Inside the network, your traffic might be routed through dissociating joints (depending on your deployment configuration) before leaving through an exit point possibly on a different continent. Anyone trying to trace your location will see you as existing wherever that exit point is.

leased cloud components

Randomly leased cloud components

And guess what? Your entry and exit points today might not be the same tomorrow – same with the entire configuration of your Fognigma network. Fognigma networks can easily be burned down and rebuilt (either with the same or different configuration) with just a few mouse clicks. The cloud components are wiped clean and returned to the cloud, only to be written over when next they are used. When you rebuild your network, you can choose new entry and exit points in different places. You can do this build/burn/rebuild at any time – even on a scheduled and automated basis.

Now, you no longer have an observable pattern. You might still go to the same sites around the same time, but you will appear to be doing it from different cities, countries, and/or continents. By constantly shifting your perceived location, your activity just becomes static in the soothing white noise of the Internet’s global Om. In short, you won’t even appear to be you.

Fognigma helps you thwart the ‘they’ who are after you, but you’re on your own with your paranoia.

Isometric business people talking conference meeting room. Team work process. Business management teamwork meeting and brainstorming. Vector illustration

Fognigma: Protecting from the Inside

The Threat is Inside the Building!

Often, Cybersecurity is thought of as a process of looking out to the world and searching, scanning, and bracing for what might be out there. It’s an ongoing process – a valiant mission – to plan for the worst. It’s a constant battle against external threats discovering things about you and using those discoverings against you. Unfortunately, if you are only looking for and protecting against external threats, you’re only doing part of your job. Cybersecurity should always be viewed as looking in two directions at once: external and internal. It is imperative you don’t ignore the possibility of internal threats.

Internal threats, of course, come from inside your organization. They are your employees, your coworkers, and sometimes even your friends. It is hard to imagine they would willingly do anything to betray your organization. But wait! Internal threats are not always the criminal, calculated schemes that feed our movies and television shows. Many times, internal breaches are due to a variety pack of non-nefarious reasons. Let’s explore more, shall we?

Non-Malicious Insider Threats

Quite often, the employees who become non-malicious insider threats (NMIT) don’t even know they are doing anything wrong. These are the people who check work email on public computers and then forget to log out of their applications. These are the employees who do work while at coffeeshops on unsecure networks. These are the ones forwarding work emails to their personal email addresses, so they can continue working from home.

checking email

Or perhaps the employees are, in fact, willfully doing something wrong, but they justify it as necessary to get their job done.  The Government Research Council (GRC) did a study on government employees’ use of approved mobile devices. The GRC found around one-third of respondents were using personal devices to do business work on. Of that third, 94% of DoD and military employees, and 64% of civilian employees, were using personal devices that had not been approved by their agency.

Better cybersecurity education can really go a long way to stopping many NMITs from forming in any organization. Employees should be taught not only what is acceptable and what isn’t, but also why certain online behaviors are dangerous. They should be taught how immense their impact is in the organization’s cyber security plan and how cyber security is a company-wide endeavor.

There is one other way to severely hamper both malicious and non-malicious insider threats, something Fognigma excels at: granular user controls.

Fognigma Networks Protect Against Insider Threats

Fognigma gifts network administrators with granular user controls. Quite simply, granular user controls allow the admin complete control over every little aspect of a user’s permissions inside a Fognigma-created Mission Partner Network (MPN). From which components to which files to which entry and exit points, admins will be able to make sure each user has access to only those things they need to access. This method of precise control is accomplished by creating groups.

Groups exist for each part of a Fognigma network. With just a few mouse clicks, users are added to very specific groups, which give them access to specific components, features, and even entry and exit points. And just as easy as they are added, users can be removed from groups.

We can explain this better by using an example. Our example company is called The Company and boasts 400 happy (and imaginary) employees. The Company has deployed Fognigma and is enjoying the protection and anonymity it provides. A new employee is hired: Jay. The Company’s HR team is on point and have already completed an IAM (Identity and Access Management)  assessment for Jay. As a new accountant, Jay needs access to certain things and shouldn’t see other things.

Admin Controls

The network admin who handles all permissions begins adding Jay to groups inside their MPN. He gets added to the company-wide telephony system group, the company-wide message server group, and the company-wide file share group. Jay is then added to the accounting fileshare group and accounting private channel on the company-wide message server group – each consisting of the CEO and the four-person accounting department. No other employees can access these groups, which thus limits the exposure of sensitive financial data to just 1.25% of the company.

Jay is not added, however, to the dev file share or the dev private messaging channel group (which Jay doesn’t even know exists). Jay doesn’t need access to any of the development team’s research or discussion. Not that he would (he’s a good dude), but this limited access prevents Jay from even contemplating leaking company development secrets – he just can’t get to them.

And here comes the really cool part. Imagine, after a few months, Jay realizes a new computer process would greatly help accounting with their accounts payable work flow. He mentions it to the CEO, who loves the idea. A new private messaging channel group is formed. Inside that group are Jay, the CFO, and two developers assigned to the task. No one else in the company can access this messaging group. Inside, these four employees can discuss and develop the new process.

Fognigma Networks

Three months later, the process is rolled out for the company to use. The accounting department is thrilled. The private messaging group is no longer needed, so is easily  deleted. And the rest of the company? Well, they didn’t need to know about any of this, so they didn’t. Everyone is containerized within their own little spheres, preventing each user from having too much access to what goes on inside the company.

This example serves to illustrate just a fraction of how Fognigma’s use of groups can limit user access and temptation. And by limiting access, Fognigma’s granular user controls prevent problems before they even can develop.