According to the News Thousand of Printers Exposed online SSIDs and other data leaked. That was around ten of thousands of printers exposed online and open the door which hacks to steal sensitive information, service disruption, and in cases remote command execution.
A non-profitable foundation called Shadow server which works as a security organization that aims to analyze malicious Internet activity which is particular in IoT.
Even they are the part of a project which called as VARIoT (Vulnerability and attack Repository for IoT) , it was the ultimate goal which provides actionable security-related information about the Internet of Things (IoT)
Exposed Online
The company which monitors these types of issues can normally scan for online printers over TCP port 631 and they start regular scanning as usual and found 4 billion routable IPV4 address on the 5th of June 2020 and it was added open IPP reporting as part of our daily public benefits as the network report on the 8th of June 2020.
The scan indicates that an average of 80,000 printers is exposed online via IPP (Internet Printing Protocol ) on a daily basis, they were able to query those printers which use parameter IPP Get-Printer-Attributes.
The IPP is an Internet Printing Protocol service that enables the port 631/TCP.If an attacker connects the devices it may disclose the result information which manipulates for the printing jobs and in some cases remote code execution.
There are printers that are behind the firewall and theta are directly exposed over the internet shadow server Foundation which provide the country-wise breakdown.
The top countries which are affected are South Korea (36.3k), United States (7.9k), Taiwan(6.7k), France (2.8k), and the others.
There are 79,174 devices that are exposed on the day 7th of 2020,%8,091 devices which are open source printing system CUPS developed by Apple Inc. It also supports macOS and other UNIX-like Operating systems.
“ The out of roughly 80,000 exposed services with a large percentage returned additional printer information attributes such as printer names, locations, models, firmware versions, organizational units, and even printer wifi SSIDS”.
All over the exposing the printer to online without any firewalls may pose serious attacks which can use it a gateway to propagate the further network,
Found this article informative? Follow Vednam on Facebook, Twitter, Mix, Tumbler, and Linkedin to know more exclusive content we post.
You can Also read Articles :
[…] Thousands of Printers Exposed Online leaking WiFi SSIDs […]