The Amphion Forum 2012 was the place to be if you wanted to understand the real security risks that come with electronic devices such as cell phones, computers, and even printers. When Ang Cui, a fifth-year student at Columbia University’s Intrusion Detection Systems Lab, demonstrated how easy it was for him to hack into networked devices from a remote location, the audience was struck with awe, and for a moment there was a great silence in the room. Networked devices such as VoIP phones are becoming commonplace with the advent of cheap international calling using VoIP-based call termination.
Cui said that the lab is very popular with the media, but that its interest in this project is much different from what the media is expecting. The lab wants to exploit every vulnerability it can find so that it can come up with a way to protect against them. The media is more interested in the one-time finding because it wants to create hype over the find. If you visit the lab’s page you will see this disclaimer: “Any portrayal by the media that this printer poses a risk of fire should not be interpreted as a conclusion derived from our study.”
Cui used a Cisco-branded VoIP phone and removed a little external printed circuit board (PCB) to hack into it. You might think that it would be very hard for an intruder to remove these circuits from devices. However, it is as easy as waiting for a printer to be left unattended or for a phone to be left sitting with no one nearby. In the blink of an eye the intruder can remove the circuit, even if the phone is locked, because the circuit is an external one. Cui then demonstrated that he could record the conversation from the phone word for word. He did not give specifics of the vulnerability, but said that once you have control over the phone, you are able to get into the phones that are attached to the network.
The project that led to this vulnerability was named “Project Gunman V2”, which has led to the disclaimer mentioned above. In this project they inject malicious code to compromise the functionality of a printer. Once the code is injected into a networked printer, the printer can be exploited to control the network. It sounds like a plot from a science fiction movie, but this is indeed becoming a reality.