When it comes to computer and system security, not many people tend to think about their printer as being not only an entry point for attackers to get into their networks, but as potentially the target for attacks, yet that’s just what is happening. Three weeks ago on the TWiT produced Security Now podcast, security man Steve Gibson pointed out a seemingly innocuous vulnerability present in many modern day printers that effectively allow them to be attacked and remote controlled by the attacker. This would allow someone to do anything from read the information being passed to the printer as it’s printing, meaning sensitive documents could potentially be exposed, or, as was the case a more few days later, enable someone to print out pages of whatever they want which is exactly what someone did just a few days later. The worst part of this is that it’s not just home office inkjets that are at risk here, but all printers and all types of printers even including receipt printers or office copy machines.
Why should you be concerned about it? Because while taking over a printer may seem scary enough, it’s only a matter of time before it becomes an entry-point for attacking a network and the computer systems on it. And since printers generally aren’t widely considered a security threat, very few are secured as well as they could be and many aren’t even monitored.
So what can be done? The first solution is actually fairly simple. Turning off UPnP in your network routers is a huge help as it will ensure that the printers cannot communicate with the Internet through protocols that will compromise it. Turning off UPnP is a good idea in general just so that devices on the network are not allowed to do whatever they want which presents a dangerous situation, especially with the rapid onset of Internet-of-Things (IoT) devices. UPnP is commonly found in the administration section of many home and small office routers web interface and is unfortunately defaulted to ‘on’ in many cases. Switching this to off is a big step in having a more secure network.