Millions of printers open to devastating hack attack, researchers say

Source: msnbc.com

Could a hacker from half-way around the planet control your printer and give it instructions so frantic that it could eventually catch fire? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?

It’s not only possible, but likely, say researchers at Columbia University, who claim they've discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.

Printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage, the researchers argue in a vulnerability warning first reported by msnbc.com. They say there's no easy fix for the flaw they’ve identified in some Hewlett-Packard LaserJet printer lines – and perhaps on other firms’ printers, too – and there's no way to tell if hackers have already exploited it.

The researchers, who have working quietly for months in an electronics lab under a series of government and industry grants, described the flaw in a private briefing for federal agencies two weeks ago. They told Hewlett Packard about it last week.

Read more: http://redtape.msnbc.msn.com/_news/2011/11/29/9076395-exclusive-millions-of-printers-open-to-devastating-hack-attack-researchers-say

i wasn't the only one to think bad thoughts this morning :evilgrin:


http://www.democraticunderground.com/discuss/duboard.php?az=show_mesg&forum=439&topic_id=2397702&mesg_id=2397885

eeeeevil...

...now 15 years old (the computer whiz was still using floppies!) this was how the terrorist organization took down Midwest Bell... virus stored in the printer's memory.

No Ma Bell, no 911. No 911... major Midwest cities go up in flames because alarms and calls to police and fire services don't go through.

Is this really an exploitable threat in the real world, or a ploy to get people to upgrade their old HP4000's (which don't ever seem to die...)? Maybe a bit of both?

My old 4000 just keeps cranking away. It's about 16 yrs old. The cat broke the manual paper feed, though, when she tried to use it as a perch from which to battle the paper coming out.

and my manual paper feed is broken as well. Still, great printer. Too bad they don't make them as well as they used to.

"But the Columbia researchers say the security vulnerability is so fundamental that it may impact tens of millions of printers and other hardware that use hard-to-update “firmware” that’s flawed.

'Crystal clear'
The flaw involves firmware that runs so-called "embedded systems" such as computer printers, which increasingly are packed with functions that make them operate more like full-fledged computers. They also are commonly connected to the Internet."


So, printers with hard-to-update “firmware” are more vulnerable? to this attack? Yeah, OK, whatever you say.

And then there is these code words again - "embedded systems". Weren't these mysterious "embedded systems" supposed to cause cars to stop running and planes to fall from the sky, coffee pots and microwaves stop working at midnight going into 2000?

"...there's no way to tell if hackers have already exploited it." That phrase alone should raise a red flag that you are being conned.

I call bullshit in this article. Just because they can do in in controlled laboratory conditions, does not mean it can be done in the wild.

It's really just a fancy word to describe single-purpose firmware. Virtually all modern electronic devices utilize them - cellphones, for instance. The Y2K vulnerabilities, if any, were an entirely separate issue than this (except for the short-sightedness of firmware development teams). As far as the "hard to upgrade" part, I'm not sure where they're coming from with that; on the models I worked on the process was generally easier than a PC BIOS update.

As far as this hack being difficult to implement outside "controlled laboratory conditions", from the article: The chips run off-the-shelf operating systems like VxWorks and Linx, a scaled-down version of the Linux operating system designed for embedded devices. Reprogramming the chip was relatively easy, he said – and now that the concept has been proven, he thinks others could reproduce his work in a day or two.

"In fact, it's almost impossible to think that someone else hasn't already done this," he said.

I see it less as fear, and more as simple information giving us the allowance to take precautions if desired. :shrug:

But I imagine that "bullshit" can be found found anywhere if we wish for it hard enough... even found in places where it simply doesn't exist.

You sound far too trusting of things you read. No one need lose any sleep over this. I'd be more worried about those people that cause paper jams because they can't seem to learn to load paper in the printers drawers correctly.

:shrug:

;-)

1) Don't open messages from someone who you do not know
2) Don't open attachments that you are not expecting.
3) Don't open links to weird places.

This infection has to get to the printer some way. The easiest way for it to get to the printer is as a print job. This infection could also be a major security risk in the future if it evolves to interface with printer jobs, and send information back to some place, or become part of a botnet.

Local user intervention is not necessary to implement the attacks discussed.

As long as the computer that interfaces with the printer has an Internet connection, it can send a print job will update the firmware.

As long as the computer that interfaces with the printer has an Internet connection, it can send a print job will update the firmware.

lots of flashlights and batteries, used saran wrap and duct tape to prevent anthrax and carries a parachute to high-rise buildings!!

I am just responsible for about 2000 users. One of my pet peeves with them is that they do not update software.

Don't you make any preparations for emergencies? Or have a garden and/or preserve stuff?

First, there's no way for firmware to override a laser printer's thermal fuse, even if you did manage to code firmware that causes the fuser to run overtemp. Simple: fuser gets over X degrees (below the 233C at which paper can burn - most printers fuse at less than 200C ), thermal fuse blows, printer codes out and someone calls a service tech to replace the thermal fuse. It doesn't "self-destruct". Now, an affected printer would do it again, so a tech would next check the firmware and probably update it prior to troubleshooting for board failures, etc. New firmware = problem gone. But:

"instructions that would continuously heat up the printer’s fuser – which is designed to dry the ink once it’s applied to paper – eventually causing the paper to turn brown and smoke."??

"Dry the ink"'s LOLworthiness aside (it's toner and it melts)... Nope. And even the guy saying it could be done couldn't make the printer do it, because no amount of firmware hacking's going to get a fuser hotter than the temp at which that thermal fuse blows. It's a safety measure that's in place precisely because thermistors - the temperature sensor in a laser printer - fail, boards fail and the triacs that turn on the heater lamps/elements fail. But all a thermal fuse does is sit there waiting for the temp to hit X. If it does, the power to the fuser is cut. Full stop.

If there's a worry about firmware exploits, it would be more that miscreants would just crash printers with bad code. Chill.

that red light on your tv that comes on when you have it turned off, is either a camera or a remote-detonated switch that someone in china is plotting to erase you one day???

(truth is, ya can't be too sure :tinfoilhat: ) :hi:

:rofl:

The HP software says it's off, but it is still active, and presumably as hackable as any other unsecured wireless. In response, I've disabled about a third of the printer driver software. Most functions still work (i.e. copy, print, fax). It's really old, and when it dies I will probably repair my old LaserJet V, an eighty-pound marvel from back when HP made stuff that worked well.

K&R

Most electronics nowadays will shut themselves off if they get too hot.

For reasons mentioned by others - the thermal fuse will (permanently) disable the printer in an overheating situation, and laserjet toner is a fine powder, not a liquid ink. The author should have stuck to the real threats posed by a potential hack, such as theft of data or infection of other machines on the LAN.

Some networked laser printers, like the Brother HL-4040 sitting a few feet away from me, store their print jobs on an internal stack and keep them buffered until they're either pushed out by other print jobs, or the printer is powered off. This is touted as a convenience feature (I can walk up to my printer and reprint 5 copies of my last document, even if my computer is off), but could be a potential security problem if the printer were actually exploited by a blackhat. I print a lot of things that shouldn't be distributed to the general public.

I'm pretty sure that some of the HP laser printers have the same feature. Since these printers are used in doctors offices, police departments, law offices, and plenty of other places that touch sensitive data, this really could be a serious problem.

And, of course, this is merely limiting my suppositions to exploiting the existing buffer. Depending on the particular models memory configuration, a rooted printer could easily be configured to send a "copy" of each print job to a remote IP address. The only hard trick would be getting the exploit to stay resident through a power-cycle. If a printer is flashable, an attacker could permanently (and irreversibly) turn a network printer into a real-time spying machine.

Disturbing. I'd never really thought about it before...

I mean, if you're gonna be a hacker, do something productive. :hide:

I don't allow computers that are exposed to the Internet to get anywhere near being able to control those printers, or any other printers.