The security-news website Cybernews announced today that it had "hacked" nearly 28,000 printers worldwide in a stunt to "raise awareness of printer-security issues."
That's a worthy cause, as many owners and administrators of networked printers don't properly secure them. But Cybernews' "hack" wasn't a hack at all, actually. Instead, Cybernews used common printing commands to print documents on remote printers, exactly as the printers had been designed to do.
- 'Hundreds of millions' of smart home devices and PCs can be hacked remotely
- The best antivirus software to keep your PC clean
- New: Microsoft Word just got a killer feature that puts Google Docs to shame
This was possible because these networked printers were set up to receive print jobs over the internet without any authorization. So Cybernews commanded the printers to print out a five-page document instructing the printers' owners and operators on the basics of printer security.
If this sounds familiar, it's because this has been done before. In 2016, the notorious internet troll Andrew Auernheimer, aka "Weev," used similar methods to get 20,000 printers (his number) to spit out a one-page racist manifesto, complete with giant swastikas.
In 2017, a pseudonymous hacker called "Stackoverflowin" did the same thing, only sending a brief message to close open internet ports instead of a racist screed.
Like Cybernews and Stackoverflowin, Auernheimer scanned the internet for printers that were open to the internet and would receive remote commands. However, he told Vice Motherboard that he "did not hack any printers," but instead "sent them messages, because they were configured to receive messages from the public."
Now despite the warnings in Cybernews' blog post, just because your printer can receive print jobs over the internet doesn't mean it can be completely hacked. But exposing your printer to the internet does make that easier.
To make sure your printer isn't accessible online, tweak the firewall settings on your home (or office) router to block port 9100, the most commonly used port of internet printing. If you can find a similar setting in your printer's administrative interface, block the port there as well.
Cybernews adds two more tips to protect your printer from miscreants, whether it's connected to the internet or not.
First, make sure your printer's firmware is up to date. You may have to poke around on the manufacturer's website to find new updates. Second, see if you can change the default administrative password for the router.