In a new article, researchers have highlighted a selection of attacks that demonstrate the risks posed by poorly protected wireless printers.
Written by security analysts Giampaolo Bella and Pietro Biondi, the report breaks down three attack vectors (collectively called Printjack) that could be used to hijack thousands of printers with a publicly accessible TCP port 9100, making network printing easier.
One attack in particular, described as a "paper denial of service (DoS)" attack, could be used to trick printer owners by remotely triggering jobs until the paper and/or ink supply runs out. Supposedly, this attack can be performed using a simple Python script.
Not so funny printer attacks
Compared to other Internet-connected devices, the measures in place to protect even the most modern printers are extremely basic, according to the researchers. And while DoS attacks on paper are relatively harmless, there are more sinister ways for a hacker to abuse exposed machines.
For example, a malicious actor could hijack vulnerable printers in order to launch distributed denial of service (DDoS) attacks, combining a known vulnerability with a widely available proof-of-concept exploit.
Beyond the fact that the printer is now part of a cybercrime campaign in this scenario, the machine itself would also experience drops in performance, consume more power, and degrade faster than usual.
The document also demonstrates an attack whereby a vulnerable printer is used to intercept the content of printed documents as clear text, which could have serious ramifications for any business dealing with classified data.
“Beyond the technical aspects of the attacks, there is a clear lesson. Printers must be secure in the same way as other network devices, such as laptops, ”wrote Bella and Biondi.
Simple measures include requiring authentication before someone can access the printer's management panel or start print jobs. Various problems can also be corrected by enabling IPSec-only printer connections.
"Since the right technology is available to mitigate the risks of the Printjack family of attacks, the biggest effort ahead appears to be training users to support security and privacy measures as part of the process of their routine printing tasks. ", the report concludes. .
Via BleepingComputer