Printers – the thermal exhaust port in the Death Star

One of the biggest security flaws in a network is complacency and arrogance. “We have a firewall, a strong WiFi password, our employees change their passwords regularly, our website has been tested for vulnerabilities, etc.” What is overlooked in almost every organization is the printer. Have you ever taken a moment to consider just how much sensitive data passes through your printer? Can it store a file on your network shares? Can you really guarantee that if a virus is attached to that file, you would know before opening it? What if the banking details were changed in that huge invoice you just scanned?

The scary thing is that even printer manufacturers may be overlooking this. The strength of their security system is often pathetic. Some vulnerabilities in printers have existed for over a decade, which suggests they genuinely don’t even care. For a vulnerability to exist for that long is an absolute outrage. Security analysts worldwide are livid if a patch takes longer than a month.

A team of researchers from Ruhr-Universität Bochum in Germany tested 20 printers and multifunction printers from various vendors. They tested HP, Brother, Lexmark, Dell, Samsung, Konica, OKI and Kyocera. Every single test revealed at least one vulnerability. Of the vulnerabilities they found, some were old, some were new. Some could be exploited locally, some remotely. Some could crash the device, some could grant them access to the company’s network.

They used PostScript – a computer language created over 30 years ago by Adobe – that is still supported by all major printer manufacturers. The malware they created in this language could be executed via USB, the local network or even from a user visiting a malicious website. They could access the entire file system on printers (including passwords for the embedded web server). If you use Email-to-Print or Scan-to-FTP, they can easily find passwords for LDAP (used to access and maintain your directory structure), POP3 (a protocol used for email), SMTP (another email protocol), outbound HTTP proxy (HTTP is an internet protocol and a proxy is essentially a shared internet line), FTP (a file sharing protocol), SMB (another file sharing protocol), WebDAV (allows remote web authoring operations) and the IPsec pre-shared keys (the keys to the encrypted data on your network). Long story short: if your printer is hacked, is a great place to buy Bitcoin. Although you will only need Bitcoin if they decide to infect you with ransomware; they could just empty your bank account instead, possibly even your employees’ too.

Google Cloud Print is a service that allows users to print from anywhere, even a mobile phone, to any compatible printer. They found security issues in it.

Google rewarded them $3133.7.