Printers are everywhere, but they’re not exactly the sort of device that we pay especial attention to when it comes to our businesses IT security infrastructure. In reality, corporate networks of printers that are not properly protected could end up being one of the company’s biggest security gaps.
A spectacular example of this can be found in an apparently mysterious event that recently affected more than 160,000 printers all over the world. Without warning, every one of them printed the same document, which warned that the printer in question would now be part of a bot network. In short, the printer had been infected and now seemed to respond only to orders coming from its new cybercriminal master.
— Stephanie Sanchez (@IAmStephanieS) February 6, 2017
A Warning in the Form of a Joke
As it turns out, behind this singular attack was Stackoverflowin, an enigmatic hacker who explained that the whole thing was a joke intended to raise awareness of printers’ vulnerabilities. “It was kind of on impulse,” he acknowledged. As he explained, he was looking to raise awareness of how dangerous it is to expose connected printers to the public internet without a firewall or other tools.
In order for the humor of this singular attack to be noticed, the hacker’s warning came with a fun robot drawn with ASCII art. But jokes aside, the situation really is quite serious: printers of every kind and from all over the world have fallen into Stackoverflowin’s trap.
To achieve this, the hacker developed a script able to track printers connected to the Internet with one of its ports open. Using the open port, he was able to order the device to print the enigmatic document.
However, it is actually quite simple to heed Stackoverflowin’s warning and fix the problem. Just make sure that the ports on the printer network have a secure password and that all devices on your corporate network are covered by the right protection to avoid cyberattacks that, next time, may not be so friendly.
In case this wasn’t enough, a group of German researchers has published a study that shows that numerous printer security flaws can be exploited to access the memory of these devices and steal data such as passwords or even confidential documents. So check your printers! This is an issue that we collectively need to take more seriously, and these potentially vulnerabilities are worth looking into.