Login | September 21, 2017

Fear your printer

RICHARD WEINER
Technology for Lawyers

Published: September 8, 2017

Best thing for tech writers every year is the annual Black Hat conference in Vegas. Whether you attend or not, the hackers present always give us lots to write about.

Today’s lesson in “what to be afraid of in your office” is your printer.

And why not? What if a hacker could access any print order from the printer’s memory, or intercept it as it prints, or change it, or erase it, or trash it? Well, guess what? They can, as described by one Black Hat presenter, who gave a hacker’s tour of modern office printers.

The code that drives printers hasn’t really changed much in the last two decades—modern laser printers are mostly all using some variation of one of two sets of codes developed decades ago for dot matrix printers (clackety-clack) and other old-timers. Can’t make it any easier for potential hackers to exploit them.

The way printing protocols work, both the code and the data for the print order are delivered at the same time by the same means. That is as un-secure as it can get.

Want more? Most modern printers, of course, are WIFI-enabled, which raises the possibility not only of the printer itself being hacked, but it also delivers another access point into a system for a hacker to try to exploit.

Printers themselves and the rooms that they reside in can also be easily physically accessed. Even if the printers are air-gapped, how secure is your copy room? You know, the gov’t can access air-gapped computers pretty easily (that’s a different and scarier story...).

The presentation described four lines of attack that a hacker could follow when looking at printers.

The first was a standard denial of service attack. One line of code sent a printer into an infinite loop, preventing anyone else from accessing it.

The second line of attack was a protection bypass, designed to eliminate a printer’s password by resetting the printer to its factory settings.

The third line of attack was various manipulation of the print job itself—including some that were permanent.

But the last exploit was the most dangerous: information disclosure. A printer could be ordered to save print jobs in its memory for future access. That gives a hacker access to secure information without attacking the actual database where it would be stored.

So—time to start thinking about printer security, eh?


[Back]