Home Cyber Attack Researchers Hijacked Unsecured Printers To Demonstrate How To Secure Them

Researchers Hijacked Unsecured Printers To Demonstrate How To Secure Them

by Abeerah Hashim
Print Spooler zero-day hacking remote printers

A team of researchers demonstrated how they hijacked unsecured printers globally while guiding users on how to secure the printers.

Unsecured Printers Hijacked

Reportedly, the security team at the CyberNews has discovered many vulnerable printers globally. Eventually, they hijacked thousands of unsecured printers from across the globe. Their intent wasn’t a malicious one, rather they guided users on how to secure their printers.

As described in a recent post, they found around 800,000 printers exposed to the internet, unsecured, on IoT search engines. They found these printers ‘network-enabled’ and ‘accessible over the internet’.

As stated in their post,

We searched for IP addresses with open ports on specialized IoT search engines, such as Shodan and Censys. While performing the search, we made sure that the open devices we found were actual printers, as opposed to unrelated services that simply used those ports for other purposes.

Though not all of them might be vulnerable, the researchers could still target 500,000 of these.

Consequently, they aimed at 50,000 printers and could successfully force printing on 27,944 of them. They selected these printers based on location, manufacturer, and protocols used for accessing the printers.

Briefly, they designed a custom script that typically targeted the printers’ printing process, leaving any other features. As they executed the script, they could trigger the target printers to print their 5-step printer security guide.

Why Secure Printers

Despite discussions and reports, the problem still persists as users and organizations do not take printer security as seriously as they should.

Elaborating on this dangerous problem, the researchers stated that criminal hackers may hijack such unsecured printers to exfiltrate data. Also, they can include the printers into botnets to perform DDoS attacks. Or, such attacks may also lead to ransomware attacks and more.

Some manufacturers continue working on making their printers secure. For example, in 2018, HP announced a bug bounty program aiming at its printer security. However, organizations as well as individual users also need to pay attention to this matter.

Some of the measures users can apply to protect their printers, as explained by CyberNews, include,

  • Securing printers’ ports
  • Restricting the wireless connection of the printers to the router
  • Using a firewall
  • Changing passwords
  • Applying firmware updates when available

Let us know your thoughts in the comments.

You may also like