By Milica D. Djekic
You would probably be present or hear about some cybersecurity events where some of the attendees hacked the conference projector using a mobile device.
Such a happening may seem as so attractive to many and you may be wondering how those guys could make that spectacular trick.
Through this article, we would talk about such an occurrence and try to explain how it’s possible to make such a gag and cause everyone getting excited about your skills at that moment.
It’s well-known that the IT security conferences would deal with a lot of geeks or at least people being in love with their computers, networks or mobile systems. As everyone knows, for cyber defense – it’s crucially important to understand the hacking for a reason it’s the only way to prevent such a threat.
The cybersecurity folks are supposed to be equally good as the bad guys or even better in order to protect the certain IT asset.
As we’ve talked through this article – sometimes the cyber experts would try to make a gag and they would use some of the cyber defense events to cause a show alive. You may be wondering what they would do for a real.
So, let’s try to explain how it’s possible to obtain something that cools as hacking the projector is. The standard scenario would be as follows. You would come at some cyber defense event with your laptop, tablet or another mobile device and you would try to login to the conference’s network.
Your host would give you permission believing that you need the internet to check out your e-mail and social media accounts only. Well, everything would appear as somehow usual and unsuspicious – right?
Your next step would be – you would begin using such a network through your wireless LAN capacities and as we can guess you would come at that event being fully supported with some hacker’s tools.
For instance, you would have with your laptop some sort of network’s scanner being installed and you would enable your remote administration tools.
Searching the network would require you to insert the certain range of the IP addresses being present within that environment. So, how would you get familiar with such a range?
You can always see on the web what’s your IP address is and then try to define the range including such a network. It’s well-known that the projector would have its own IP address being somehow within the range with the rest of the devices belonging to that network.
Also, the majority of projectors would deal with their installation software and you would easily recognize that device amongst the rest of the network’s gadgets. In other words, you would doubly get which one of the offered devices being represented with your IP scanner’s window is the conference’s projector.
As we said – the hacker’s kit would usually deal with some of the remote administration tools, so you would easily – using those options – be in a position to switch off the projector or take full control over it.
This would happen so commonly at many events, so we would notice that the majority of projectors are not protected with any sort of username and password access controls.
Also, it would be so easy to the experienced cyber geeks to connect to those devices and play with them. It’s only one of the vulnerabilities we’ve noticed through our experience, so we would highly recommend – having all of these in mind – that the stronger protection should get used everywhere – not only with the projectors.
About The Author
Since Milica Djekic graduated at the Department of Control Engineering at University of Belgrade, Serbia, she’s been an engineer with a passion for cryptography, cybersecurity, and wireless systems. Milica is a researcher from Subotica, Serbia. She also serves as a Reviewer at the Journal of Computer Sciences and Applications and.
She writes for American and Asia-Pacific security magazines. She is a volunteer with the American corner of Subotica as well as a lecturer with the local engineering society.
