Flawed office printers are a silent but serious target for hackers | TechCrunch
You probably don't think too much about your humble office printer. But they're a prime target for hackers, if any of the dozens of vulnerabilities found
techcrunch.com
Yes, there are some people who think that so long as they continue to work with printed materials they can be secure from the common hacks that stem from weak security combined with mass data sharing. Except it turns out that you just need to hack those printers themselves, and that relying on large companies to keep those devices secure does not really work. Yes, the trees are dying for no reason at all, because the premise of security is flawed.The latest research by the NCC Group just revealed at the Def Con security conference shows just how easy of a target office printers can be.
...
No wonder they're a target; office printers are a treasure trove of sensitive data. And because they often come with a web-based interface or an internet connection, they have a huge attack surface, making them easy to hack.
In the course of three months' work, researchers Daniel Romero and Mario Rivas found and reported 45 separate vulnerabilities from six of the largest printer makers — HP, Lexmark, Brother, Xerox, Ricoh, and Kyocera — which could have allowed attackers to, among other things, siphon off copies of print jobs to an attacker controlled server.
They also showed they could hijacked and enlist vulnerable printers into botnets — used to overload websites with junk internet traffic. Or, with little effort, they could brick the printers completely, potentially causing havoc for business operations.
Not a new concept, but it is noteworthy that the experienced manufacturers continue to have easily exploited vulnerabilities after the wireless interfacing has matured to this extent. It also proves once again that it is only by completely shutting yourself off from society can you (hopefully) protect yourself from the global hacking epidemic. Sharing data online or keeping it on hard copy, your technology and the information that it processes can be compromised so long as your electronics are not completely air-gapped, and if they are you really don't benefit from the technology at all.