HP Solutions: Keeping The Wolf Away

Firewalls alone cannot withstand sophisticated attacks from hackers like The Wolf. You must apply multiple layers of protection at every infrastructure endpoint. Help protect your devices, data, identities, and documents with security solutions from HP.

WATCH NOW: The Wolf ft. Christian Slater | HP

In the first film, The Wolf brings down a global financial institution by exploiting its vulnerable endpoints. The Wolf uses a mobile device to access a printer and inject malware to intercept and read data. He then uses a “phishing” email to trick a user into sending malicious code hidden within the print file to a printer. The malware on the printer breaches the firewall and spreads to the company’s PCs. The code resides at the BIOS level, so it can continually supply data and even reinstate itself after network defenses deploy. Finally, The Wolf discovers a confidential document in the output tray of an MFP. The public leak of sensitive data causes the company to suffer considerable financial and brand damage.

Vulnerabilities

• Printer Wi-Fi or Bluetooth® is open without requiring user authentication
• Printer data files are not encrypted
• Users do not recognize suspicious emails or print files
• Printers and PCs do not have malware protection
• Documents abandoned in output trays may expose sensitive information

How can you protect against similar attacks?

Protect the data: Turn off Wi-Fi/Bluetooth or require authentication; apply a mobile authentication and encryption solution, such as HP JetAdvantage Connect or HP Access Control.

Protect the device: Upgrade to HP Elite PCs and HP Enterprise printers and MFPs with malware protection to automatically detect, stop, and recover from an attack without IT intervention. HP Sure Start helps devices self-heal by rebooting using a safe copy of their original BIOS code.

Protect the document: Deploy a pull print solution, such as HP Access Control or HP JetAdvantage Secure Print.

WATCH NOW: The Wolf: The Hunt Continues ft. Christian Slater | HP

In the second film, The Wolf targets patient records stored by one of the medical world’s biggest records management companies. He hacks into a PC and later a hospital printer by using the printer’s USB port to upload malware. Since the unsecured printer is connected to the network, the malware is already behind the firewall and can search for other connected devices to compromise. And because the printer resides on an unsegmented network, The Wolf can access servers connected to databases filled with sensitive information. He steals millions of confidential patient records. Both the hospital and the software company are liable and face significant fines, along with damage to their reputation.

Vulnerabilities

• PC is unlocked when user walks away
• Printer USB port does not require authentication to use
• Data files are not encrypted
• Printers and PCs do not have malware protection
• Printers are not monitored for security incidents

How can you protect against similar attacks?

Protect identity: Use multi-factor authentication on HP Elite PCs.

Protect the data: Apply a printer authentication and encryption solution, such as HP Access Control; close unused ports or control access with user controls; use strong encryption controls for all data at rest and in transit.

Protect the device: Upgrade to HP Elite PCs and HP Enterprise printers and MFPs with built-in malware protection to stop attacks and self-heal down to the BIOS with HP Sure Start. Improve monitoring and management: Deploy HP JetAdvantage Security Manager (printers) and Management Integration Kit1 (PCs) to automatically configure device security policies across the fleet; enable syslogs to track security events; connect printers to Security Information and Event Management (SIEM) tools for real-time intrusion notification.

By |2018-10-10T14:14:28+00:00June 18th, 2018|Security|0 Comments