The SANS Internet Storm Center (and me 10 months ago, pictured below) reports that over 3,759 OctoPrint (OctoPrint is an open source web-based host for RepRap printers) 3D printers are available online, with unauthenticated access granted for any aspiring saboteurs and those dabbling in the arts of espionage. Espionage, you say? Of course. But how and why, good sir?
Well, in the case of Octoprint it's as simple as enumerating unauthenticated instances of Octoprint via Shodan and well... Just simply going to the indicated IP. It's that easy. Once access to the console has been obtained you have near full control of the printer on the other end. Want to download the G-Code used to print the object and be able to reproduce it yourself? Done. Want to adjust the parameters of the printer during a print job to "modify" the printed object? Easy peasy. Want to destroy the printer on the other end? Who cares about thermals.
The bigger picture is this. Defense and aerospace companies across planet Earth use 3D printers to prototype virtually everything produced. It's how those companies test concepts to determine whether those will work or not in real-world scenarios. Antennas, radomes, weapon systems, airframes, armor, casings, turbines, engines, vehicle modeling, etc.
Virtually everything that hits a 3D Printer, gets tested, then revised, then hits a 3D Printer again. In some instances, the 3D Printer actually manufactures the product itself.
This data is extremely valuable... and guess what? It's all X and Y coordinates with Z thrown in to define a layer change. Easy data to rebuild into a usable part. Easy data to exfiltrate. Easy data to sell. Thanks to our in-house HardOCP security professional, who just happens to dabble a bit in the world of 3D printing, schtask, for this very informed post.
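The point about G-code being X and Y coordinates with Z marking a layer change, shown as an added example that is not part of the original post: a small Python parser that groups extruding moves by layer, which is why G-code files on a print host deserve the same handling as the design files they came from. The sample G-code is constructed, and absolute extrusion values (no `M83`) are assumed.

```python
import re
from collections import defaultdict

# Constructed sample: two layers of a 10 mm x 10 mm square outline.
SAMPLE_GCODE = """\
G90 ; absolute positioning
G1 Z0.2 F600
G0 X0 Y0
G1 X10 Y0 E1.0
G1 X10 Y10 E2.0
G1 X0 Y10 E3.0
G1 X0 Y0 E4.0
G92 E0 ; reset extruder counter
G1 Z0.4
G1 X10 Y0 E1.0
G1 X10 Y10 E2.0
G1 X0 Y10 E3.0
G1 X0 Y0 E4.0
"""
WORD = re.compile(r"([A-Za-z])\s*(-?\d*\.?\d+)")

def layers_from_gcode(text):
    """Return {z_height: [((x0, y0), (x1, y1)), ...]} for extruding moves."""
    pos = {"X": 0.0, "Y": 0.0, "Z": 0.0, "E": 0.0}
    absolute = True
    layers = defaultdict(list)
    for raw in text.splitlines():
        line = raw.split(";", 1)[0].strip()          # drop comments
        words = [(k.upper(), float(v)) for k, v in WORD.findall(line)]
        if not words or words[0][0] != "G":
            continue
        code = int(words[0][1])
        if code in (90, 91):                          # absolute / relative mode
            absolute = code == 90
        elif code == 92:                              # set position, no motion
            pos.update({a: v for a, v in words[1:] if a in pos})
        elif code in (0, 1):                          # linear moves
            new = dict(pos)
            for axis, val in words[1:]:
                if axis in new:
                    new[axis] = val if absolute else new[axis] + val
            moved = (new["X"], new["Y"]) != (pos["X"], pos["Y"])
            if moved and new["E"] > pos["E"]:         # keep only printing moves
                seg = ((pos["X"], pos["Y"]), (new["X"], new["Y"]))
                layers[round(new["Z"], 3)].append(seg)
            pos = new
    return dict(layers)

def bounding_box(segments):
    """Return (min_x, min_y, max_x, max_y) over a layer's segments."""
    pts = [p for seg in segments for p in seg]
    return (min(p[0] for p in pts), min(p[1] for p in pts),
            max(p[0] for p in pts), max(p[1] for p in pts))
```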