Over the weekend, a hacker by the name of Stackoverflowin gained access to 150,000 unsecured and internet accessible printers using an automated script, making the devices print out customised messages. Stackoverflowin said he did it for fun, but it’s a good lesson for those who leave their printers exposed. We have some tips on protecting your printer.
We already know a number of printers from major brands carry security vulnerabilities but if you don’t take action to secure your devices, you’re making it easier for hackers to gain access.
Speaking with security publication Bleeping Computer, Stackoverflowin said he used an automated script to search for open printer ports and send them print jobs. The messages that were being printed were pretty harmless and were sent to home and business printers. Here’s an example:
@lmaostack lol? pic.twitter.com/cjvEstn55t
— Kenshin el Manco (@d_kenshin) February 4, 2017
Stackoverflowin has already said he did it for a laugh but it’s a perfect reminder for you to secure your corporate and home printers.
Basics Steps To Secure Your Printers
If you can help it, it’s best to avoid networking your printer; connect to it directly from a PC. It’s less convenient and is more suitable for home printers.
Businesses may require a network printer. If that’s the case, then they should not be exposed to the public internet; configure the printer to only allow access from approved networks and devices. You can also use a firewall to restrict access to the printer.
If you’re going to allow remote printer access, be sure to change the default password on the device.
Comments
2 responses to “Hacker Gets Into 150,000 Exposed Printers And Makes Them Spit Out Funny Messages”
Also disable Internet Printing Protocol or IPP (tcp:9100) as a port forwarding/inbound firewall rule.
I’m struggling to think of a scenario that requires a external facing printer