Many electronic devices ship with Internet access these days. And I'm not talking about traditional devices like PCs or even gaming consoles, but more about peripherals like printers and household items such as fridges or microwaves.
Columbia University researchers have discovered a vulnerability in select Hewlett-Packard LaserJet printer lines that could allow attackers to install a modified firmware to steal information, run attacks from within a network or cause physical damage to the printer.
Attacks can be carried out from different vectors. Printers that support a remote firmware update process could allow attackers to take control of a printer's firmware over the Internet in less than a minute if the printer is not protected properly by a firewall. The researchers were able to find more than 40,000 devices during a scan that they said could be infected within minutes.
Local attacks are another possibility. The researchers were able to send print commands from Macintosh and Linux computer systems to trick the printer into reprogramming itself. It is not clear at the time of writing if Windows environments are safe or also affected by this.
Printers that the researchers analyzed do not verify the source of the firmware with the help of digital signatures. A HP spokesperson stated that all modern HP printers do require digitally signed firmware upgrades since 2009.
Even worse for consumers and companies: there is no way of telling if a printer's firmware has bee compromised short from physically disassembling the printer and analyzing its chipset output.
According to RedTape, HP is currently analyzing the claims made by the researchers. HP could release a firmware update of their own to resolve the vulnerability. Compromised printers however may have been programmed to block new firmware updates. That's bad on the one hand as companies would have to throw away the printer in this case (or talk to HP to find a solution) and good in another as they have just identified a compromised printer in their network.
The researchers have started analyzing printers manufactured by other companies recently but no results have been posted yet. They say it is likely that printers and other devices with Internet access are also vulnerable. (thanks Jojo for sending in the tip)Advertisement
Ghacks is a technology news blog that was founded in 2005 by Martin Brinkmann. It has since then become one of the most popular tech news sites on the Internet with five authors and regular contributions from freelance writers.