Security researchers discovered printers from HP and possibly other printer makers are vulnerable to firmware exploits. Affected printers connect to the Internet and use a "Remote Firmware Update" process to update the printer's software, but because the updates are unsigned they can come from anyone.
Hackers can use the exploit to steal personal information and perhaps even set offices on fire. Columbia University Professor Salvatore Stolfo showed the press how attackers can heat up a printer fuser. During the demonstration paper in the printer turned brown and began to smoke before the printer's temperator-sensor shut off the printer to prevent a fire. But not all printers have such a safeguard.
HP insists it adopted digital signing on all its new printers since 2009, but the researchers found unsigned printers still being sold at office retailers in September 2011.
The attack can occur remotely, if the printer is set up for "cloud printing" as HP is particularly fond of. Researchers scanned the internet and in minutes found 40,000 printers they could have potentially set the "catch fire" command & control package to.
But the true number of vulnerable machines could be much, much higher. Comments Professor Stolfo, "I think it is very wise to broadcast the problem as soon as possible so all of the printer manufacturers start looking at their security architectures more seriously. It is conceivable that all printers are vulnerable. …Printers that are 3-, 4-, 5-years-old and older, I'd think, all used unsigned software. The question is, 'How many of those printers are out there?' It could be much more than 100 million."
Or in the case of good old-fashioned local printers, an on-site attack using a virus laden document print-job can offer equivalent access. Once the printer has received orders, its firmware is updated deleting the standard operating system and installing a malicious variant.
Mikko Hypponen, head of research at Finnish security firm F-Secure, was astounded by the flaw. He comments, "First of all, how the hell doesn't HP have a signature or certificate indicating that new firmware is real firmware from HP? Printers have been a weak spot for many corporate networks. Many people don’t realize that a printer is just another computer on a network with exactly the same problems and, if compromised, the same impact."
More info about the exploit can be read at DailyTech. Security experts warn printer exploits are just the start of a whole new wave of attacks. An increasing number of digital electronics are becoming connected to the Internet, but unfortunately security is usually not a priority when designing these functionalities.