More Than 14,000 College Printers in the US Are Open to Hackers
Hackers could remotely abuse them to print whatever they wanted, or even brick them.
Last week, the notorious hacker and troll Andrew Auernheimer showed just how easy it is to use insecure internet-connected printers to spread hateful racist propaganda. The hacker, also known as Weev, said he used two lines of code to make 20,000 printers, many in colleges and universities, spit out an anti-semitic flyer all over the United States.
His exploit quickly made the rounds on social media and local news outlets, showing the staff at American schools that they need to make sure their printers aren't set up in a way that lets anyone, from anywhere in the world, abuse them.
"Printer security is basically a joke...and it's the elephant on the network."
Days after the first reports of the incident, a few seem to have gotten the message. But as of Monday afternoon, there are still more than 14,000 printers in colleges and universities in the US that are completely open to hackers, according to a search on Shodan, a search engine for internet-connected devices.
While this might be seen as good news, it's probably too little too late. And it's not like colleges and universities had not been warned before.
Almost 10 years ago, security researcher Adrian Crenshaw noted that many printers were programmed to accept any printing job sent over the internet to their port 9100 (the same port Auernheimer exploited).
Also, just two years ago, Shawn Merdinger, another security researcher, encouraged universities and colleges to remove their printers from the public internet in a talk at a security conference for higher education institutions. At the time of his talk, Merdinger said there were more than 38,000 vulnerable printers on the internet.
"I'm only surprised this hasn't happened sooner," Merdinger told me in an email. "Printer security is basically a joke...and it's the elephant on the network."
And if you think all a hacker can do with these open devices is print flyers, think again. As former NSA researcher Dave Aitel noted on Twitter, Auernheimer could have sent an update to the printer's firmware with a similar command to the one he used last week, bricking the printers.