Researchers Discover New Printer Security Flaws
November 29, 2011

Researchers Discover New Printer Security Flaws

Researchers from Columbia University said they have discovered a new class of computer security flaw that could impact millions of businesses, consumers, and government agencies through their printers, according to an exclusive MSNBC report.

The researchers said that printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack secure networks and even cause physical damage.

The team said there is no easy fix for the flaw they found in some Hewlett-Packard LaserJet printer lines.

They said they have informed Hewlett-Packard and federal agencies in the past weeks, and HP said it is still reviewing the details of the discovery.

The Columbia University researchers said the security vulnerability is so fundamental that it may impact tens of millions of printers and other hardware that use hard-to-update "firmware" that is flawed.

"The problem is, technology companies aren't really looking into this corner of the Internet. But we are," Columbia professor Salvatore Stolfo, who directed the research in the Computer Science Department of Columbia University´s School of Engineering and Applied Science, told MSNBC. “The research on this is crystal clear.  The impact of this is very large. These devices are completely open and available to be exploited.”

They said that once a printer's firmware has been changed, Internet-accessible printers could contact a malicious website and receive instructions.

The team said it is conceivable that a subverted printer could send copies of the documents being printed.

MSNBC reported that a demo showed how the firmware turned the fuser on and left it on, browning the paper and throwing off smoke, before the printer's thermal interrupt kicked in.

"Using HPacker, we demonstrate the injection of our malware into arbitrary P2050 RFUs, and show how similar malware can be created for other popular HP printer types. Next, we demonstrate the delivery of this modified firmware update over the network to a fully locked-down printer," the MSNBC report said.

The researchers also said that it is not just printers that could be affected, but Cisco routers as well.


On the Net: