The title of this news might seem a little odd. How can someone hack into 28,000 printers from one or several companies? That is the main question.
Let me give you some background information. Many technology news websites are constantly reporting malware and ransomware attacks in big and mediums sized companies, and they are becoming very popular in smaller companies as well.
Those headlines mention data theft, network failure or taking over information from an entire network. But an attack on printers? Is something never seen before. We are as shocked as you are.
What is it about?
The people over at Cibernews made this experiment in that number of devices from companies all over the world. Basically, they sent a message to all those printers so it could be printed. The message explained how to protect their printers to prevent anyone from not doing the same thing.
Obviously, many of the users affected were surprised to read that message that wasn’t sent by any of their internal users, but what’s surprising is that they only did the test for that number of printers. However, they could have done it in hundreds of thousands if they wanted to, and the reason why is because it is very easy to reach so many of these.
Initially -and this is very important-, they looked up IP addresses online that were exposed through search engines for IoT and they found the addresses for 800,000 printers that were accessible via the internet. Then, they sent a script with the personalized document to 50,000 of those and exactly 27,944 documents were printed from that same amount of devices.
This test was online done for printing one document, but it clearly shows that if they wanted to they would have picked another amount of information inside of those same printers that could have been use for something less legal.
The targeted printers were not only in the US, but also the rest of the world. However, something that grabs people’s attention is that they were able to filter the search results per country, Operative System and even the company that is exposed. This gave an average of 56% of easy access printers.
What did we learn?
First, it is worth to highlight that we have not heard about such an experiment before. Second, it’s clear that every device that has an IP address are exposed if the don’t have any type of security on them.
Most of the times, companies focus their resources and best efforts in protecting networks, servers, endpoints and other devices. However, only few of them have some control over the printers and that is what we are looking for with those experiments: showing that an attack can harm people in many ways, not only through their computers.
If you want to know more about the experiment, you can click on this link.
Thank you for reading! We hope you liked it.
Share this post on your social media and leave a comment below with your thoughts on this blog.
If you want to see more from where this came from, subscribe to our newsletter.
See you next time!