Russian hackers are infiltrating companies via the office printer

MIT Technology Review  August 5, 2019
The Russian hackers, who go by names like Strontium, Fancy Bear, and APT28, are linked to the military intelligence agency GRU. The new campaign from GRU compromised popular internet of things devices including a VOIP phone, a connected office printer, and a video decoder in order to gain access to corporate networks. Although things like smartphones and desktop computers are often top of mind when it comes to security, it’s often the printer, camera, or decoder that leaves a door open for a hacker to exploit. The hackers moved from one device to another, establishing persistence and mapping the network as they went, communicating with command and control servers all the while. Of the 1,400 notifications Microsoft delivered to those targeted or compromised by Fancy Bear, 20% have been to global non-governmental organizations, think tanks, or politically affiliated organizations. The remaining 80% have been to various sectors including government, technology, military, medicine, education, and engineering…read more.