Andrei Costin gave a overview about what it means to hack a printer. Hacking a printer is mainly about hacking the PC inside a printer. Today a printer is not only just a printer. The models used in companies usually are connected to the network. Printers provide funtionallities starting with printing, faxing and scanning. Some of them can even send emails with scanned contained. Another interesting fact is, that most printers are available 24/7 on the network. Keeping this in mind they are an interesting target for spionage, data collecting in general, as well as for a base to hack the rest of the network.

If an attacker successfully hacks a printer, he could install malware on the system. This malware could easily protect itself from being removed, by simply removing the functionallity to flash the system. The only way to get the printer cleaned would be to send it in to service. The service would then take messures to excvhange the firmware which are outside the possibilities of a normal user.

Some admins make it even more easy to hack the printers by providing a public access from the internet to the printer. By this an attack vector is opened which can nearly not be controlled. To get an idea, look at the XSS articles previously posted.

To get an basic idea what a attacker could do, I will give you a small list of possible harms:

  • sending documents, which are printed, scanned or copied to an external Email address
  • collecting Identification information of employees who have to identify them self to access the devices
  • providing a base for a Botnet
  • providing a safe harbour for hacking other computers, not only inside your network

If you also consider that most admins don’t monitor printers and their network traffic (“hey its just a printer”), it is more than likely that the attack will not be detected in the beginning.

It might be worth to have a deeper look into this topic.