Printer Networks Vulnerable to Hackers: Report

Dennis Faas's picture

Printers using server software offered by Hewlett-Packard (HP) are reportedly vulnerable to attack. In fact, it's possible for a hacker to use the flaw to bypass security defenses, steal documents, and crash every machine connected to the same network.

Security researcher Sebastian Guerrero says the problem affects printers using HP's JetDirect software. That software is used for print servers, meaning it can handle any printing request made by a network-connected computer.

Hackers Could Bypass Security Defenses

Guerrero says that a flaw in the JetDirect software could allow an attacker to bypass built-in security defenses -- including fingerprint or smart card verification systems -- and access a network. (Source: pcmag.com)

From there, hackers could reportedly choose to steal previously printed documents or knock network-connected machines offline. The flaw could also be used to seriously damage the infiltrated printer, forcing a reinstallation of its firmware.

"An attacker could trigger a persistent denial of service affecting a large percentage of models and manufacturers," Guerrero reported. (Source: informationweek.com)

Guerrero also noted that advanced hackers could even use the vulnerability to decrypt sensitive information.

"All of the heavily encrypted documents a company has on its computers are automatically unprotected once sent to the print queue and are recorded and stored in the history," Guerrero said.

Guerrero hasn't yet noted which printer makes and models are affected by the flaw. However, he has told the media that the vulnerability affects some Ricoh and HP DesignJet printers.

All JetDirect Printers Vulnerable

Beyond that, Guerrero says that any printer using the JetDirect software is at least vulnerable to security breaches. He implied that the damage one can do beyond accessing a system might vary by printer type.

Hewlett-Packard has not yet publicly commented on the issue. (Source: informationweek.com)

Back in late 2011 a similar problem affecting Hewlett-Packard printers was reported by security experts. HP responded by calling associated reports "sensational and inaccurate." Later, it was found that just 1-2 per cent of all printers were vulnerable to attack.

It's not yet clear what percentage of printers are affected by this latest vulnerability.

UPDATE: HP has since responded to Guerrero's report. The firm says that Guerrero's claim that hackers can recover and steal previously-printed documents is false. Furthermore, a representative said that DDoS threats can be mitigated by setting a more secure password. Finally, HP says restricting device connectivity in HP Access Control can prevent non-authenticated access of print networks.

Rate this article: 
No votes yet