Nearly A Million Printers At Risk Of Attack, Thousands Hacked To Prove It
Roughly 28,000 printers recently gave their owners an unexpected lesson in cybersecurity. Seemingly unprompted, the printers whirred to life and produced a 5-step guide to keeping hackers at bay.
“This printer has been hacked,” the message began ominously. Fortunately for the “victims” it was a group of ethical hackers behind the attack. A team of researchers from CyberNews was out to remind the public about the potential peril of connected devices.
Get started on your cybersecurity degree at American Military University.
To get the ball rolling, the team scoured the globe for printers that were vulnerable. They found more than 800,000 in total using a search engine called Shodan.
Shodan is a tool that’s leaned on by both security researchers and cyber criminals. In the past it’s been used to identify thousands of at-risk surveillance cameras, security alarm systems and hundreds of wind turbines and solar devices.
And yes, Shodan has also been used to pinpoint tens of thousands of vulnerable networked printers. In 2018 someone hijacked around 50,000 printers and forced them to print documents voicing support for controversial YouTuber PewDiePie.
It was the sort of incident that can serve as a much-needed wake-up call. Given what the CyberNews team discovered, the problem was largely ignored.
Its researchers selected a sample of 50,000 printers based on their location, the brand and which protocols were left exposed to the Internet. The next step was to develop the actual “attack.”
The team created a “custom script that was specifically designed to only target the printing process, without gaining access to any other features or data stored on the printers.” As the script cycled through the list, 27,944 printers happily printed out a PDF guide on printer security.
This message was sent to 50,000 printers as part of a security exercise.
As CyberNews points out that’s a hit rate of 56%. Across the entire list of 800,000-plus vulnerable devices located by Shodan that works out to around 447,000 that could have been successfully hijacked.
“These numbers speak volumes about the general lack of protection of networked devices worldwide,” concludes the CyberNews report.
It shows more than just a glimpse into the staggering number of at-risk devices. It also reveals just how hard it is to convince people of the associated risks.
When the hacker behind the 2018 PewDiePie incident scanned for printers with Shodan the result was almost identical — reportedly 800,000 exposed. Two years later little — if anything — has changed.
It’s entirely possible that many of the 2018 victims simply saw an odd document on their printers, crumpled it up and tossed it thinking that someone else at the office printed something by mistake.
Hopefully the results will be different this time around. The message on the CyberNews prints is clear enough… as long as those who received it take the time to read it.
Those who don’t may learn the hard way that malicious hackers may not stop at printing out random (or even offensive) documents. They may use access to printers to gain a foothold on a network and launch more sophisticated attacks.