What's lurking inside a hacker's lair? In a virtual reality experience designed by HP, Michael Calce—aka MafiaBoy—took a cyberwalk through a hacker's apartment to discover the secrets of these clever criminals, and as one of the most notorious hackers of all time, there's no one more suited to the task.
MafiaBoy—a formerly "bratty" Canadian kid—decided to test the potential of DDoS attacks in 2000. At the age of 15, he created "Project Rivera," which took down massive sites, like the top search engines of the time, including Yahoo! and Amazon, costing nearly $2 billion. Today, Calce is a white-hat security advisor who helps companies fight cybercrime.
If you're brave enough to follow along as we detail this virtual reality experience here, you're bound to be surprised: The tools of the average hacker may not be quite as high-tech as you think. This tour will help you understand the most common hacker's ammo—so you can defend against it and build smarter office IT defenses.
Expect the unexpected
At first glance, a hacker's home isn't that bad. In fact, it's like an average urban studio apartment, but instead of an ornate globe in the living room, there's a hologram of the world floating in the center of the room, revealing all hacks in progress.
Hacker culture's changed over the last two decades, compared to the days when MafiaBoy was active. Today's average hacker is less skilled since threats can be bought and sold online. Even scarier, it's easy to find how-to hack guides through a web search. But these changes don't mean hackers aren't hitting hard. MafiaBoy revealed the average cost of today's data breaches is $9.5 million.
Behold the hacker's bragging wall
In MafiaBoy's exploration, he finds a hacker's bulletin board of successes looking like a shrine, but it's also a wall of shame for the pros in the good-guy camp. Seventy-one percent of breaches start from unsecured endpoints, like printers. Considering the depressing fact that the vast majority of the world's business printers are unsecured, the average hacker doesn't have to be especially talented to score a wall of wins.
Case in point: In 2016, one hacker identified thousands of internet-connected printers that could be exploited through an open port in just 60 seconds. In a politically motivated hack, they caused thousands of unsecured printers to spew printed fliers covered with hate speech. Worse yet, this attack could have been completely avoided if that port was locked down, but instead, it went overlooked on machines that didn't have built-in security features to detect this obvious vulnerability.
Know the difference between a prank and a hack
There's no shortage of stories about hilarious printer hacks, like the time hacker Stackoverflowin' printed memes on 150,000 global printers or when security researcher Michael Jordon hacked his print status screen to play the old school video game Doom.
While you can laugh a little at these fails, MafiaBoy's virtual reality experience reveals some darker, harder truths. For instance, 73 percent of data breaches are financially motivated. Most hackers want to steal your data, not play Doom on your printer. If you're not protecting your endpoints, your IT network looks like a tasty snack.
Meet the hacker's worst nightmare
When a security genius, like MafiaBoy, admits something is almost completely hack-proof, you listen. The virtual reality experience heads over to the hacker's work table, where they're closely studying the "hacker's worst nightmare:" the latest lineup of HP Enterprise printers, including the new lineup of A3 (11 x 17) printers with built-in security features.
MafiaBoy's favorite feature of these devices is also the hacker's least favorite: HP's run-time intrusion detection, a feature always monitoring for malicious attacks, so your printer is always on the lookout for hackers. This technology checks for anomalies during complex firmware and memory operations, automatically stopping any intrusion and then rebooting. With this enhanced level of print security, your IT team can protect data and documents without lifting a finger. Calce admits, "Man, I'm glad I never had to go up against this kind of security when I was hacking."
Don't underestimate your business printers
Almost any IT pro will admit they haven't fully grasped the task of securing their endpoints. In fact, many companies completely ignore their printers in their endpoint security strategy. A year ago, MafiaBoy didn't beat around this huge mistake. In MafiaBoy's career as a white-hat hacker testing security, he's learned many IT teams totally underestimate print security. Calce says, "With 240 functions, it's an operating system. IT isn't paying enough attention to these devices, especially considering there's often one printer per 10 employees."
While this virtual reality experience was a simulation, it's easy to see hackers aren't necessarily armed with serious ammo. Unless hungry cybercriminal wolves are up against their worst nightmare, it's not hard for hackers to find a completely wide-open endpoint and slink inside your network undetected. Use this tour as inspiration to start thinking smarter about your IT environment.
Continue your journey alongside MafiaBoy with, "MafiaBoy sheds light on the hackers hiding in the shadows," and click "subscribe" at the top of the page to keep your eye on Tektonika and learn more about what you and your IT team can do to protect your business from hackers.