A Social Media Stunt Proves How Easy It Is to Hack Printers
Many users who care about their privacy use complex passwords to protect their emails or social media accounts, but what about passcodes of devices that many of us use on a daily basis, such as printers? Cybersecurity experts have been trying to warn people about the dangers of leaving their printers and other electronic devices unprotected for quite some time now. Still, a lot of users and companies use default passcodes that come with the purchased machines instead of changing the printer's password to secure it. However, a hacker who calls himself TheHackerGiraffe has managed not only to spread the message to those who need to hear it the most but also demonstrate what could happen if someone with malicious intentions hacked their devices. Further, in the text, we will talk more about the event as well as discuss the dangers behind leaving your printer unprotected.
What was the purpose of hacking the printers
According to TheHackerGiraffe himself, he was searching for vulnerable devices because he was bored. After finding over 800 thousand printers that were vulnerable to hacking on Shodan (a search engine for Internet-connected devices), he decided to attack printers all over the word to print his message. At the time, the attacker still did not know what the message was going to be, but in the end, he decided on asking people to subscribe to a favorite YouTube channel called PewDiePie. Apparently, the channel in question had the most subscribers until an Indian record label channel known as T-Series became its rival. By sending the message, the hacker not only wanted to help his favorite YouTube channel to remain the most subscribed one but also for people to realize how dangerous it is to leave their printers defenseless. As he discovered, there are malicious tools on the Internet that may allow the attacker to damage targeted printers, access files processed by them, hack into the networks they are connected to, etc.
What was the number of hacked printers
As we mentioned earlier, the hacker claims to have discovered over 800 thousand vulnerable printers, but it might have been too difficult to hack so many devices for him alone. Thus, he chose 50 thousand printers running on the same port. Some of the hacked printers belonged to various organizations and institutions; for example, one of the tweets under TheHackerGiraffe's Twitter post claimed the police station's ticket printer printed his message. Other devices belonged to regular home users. In other words, the incident did not target a particular group of people, as the goal was to spread awareness among those who use unprotected printers.
What are the dangers of getting your printer hacked
If no one changes the printer's password to secure it, the vulnerability could be exploited by cybercriminals for various purposes. For example, if targeted devices belong to a company, the hackers could take control of them to steal sensitive information (e.g., documents printed by the device), to insert grammatical or factual mistakes into documents to damage the organization's reputation, or deny access to their printers and ask for a ransom. Naturally, if the targeted devices belong to regular home users, the aim could be to hack into other devices connected to the same network. Moreover, cybercriminals could use the infected machines for Denial-of-service (DDoS) attacks, to distribute malicious applications, steal sensitive users' data, and so on.
Why is it necessary to change a printer's password to secure it
Leaving the default password that was placed by the manufacturer or setting no password at all makes it easy for those interested in hacking the printer to achieve it. Therefore, as soon as you set up your newly purchased printer and connect it to the Internet, you should change or set up a strong password immediately, if you want to prevent hacking. Of course, a passcode alone may not be enough, as there are ways to bypass it by exploiting the printer's vulnerabilities, and so on. Therefore, cybersecurity experts also recommend updating the device's firmware as soon as it is possible. For more information on how it is possible to hack printers and what you can do to prevent it, you should continue reading our previous blog post on this topic.
How to pick a complex password and never forget it
Changing the printer's password to a new one is not good enough, as the combination you come up with has to be strong. If the passcode is easy to hack, it might make no difference. Most cybersecurity specialists recommend using both lowercase and uppercase letters as well as numbers and characters. Also, the combination has to be as random as possible, as patterns and common words might be easy to guess or brute-force. As we have discussed in this blog post, the passcode's length is also critical. The more characters the combination has the more possible variants there are, and as a result, the more time the cybercriminals will need to crack it.
If you do not think you can come with a passcode that would be strong enough or you fear you would forget it soon enough, we recommend using Cyclonis Password Manager. Our dedicated application can not only generate random passwords that can secure your devices or accounts but also remember them for you. Printer or Wi-Fi passwords can be saved using the Private Notes feature. As for passcodes for your emails and other accounts, you can add them by going to the Websites tab or automatically with the help of the software's browser extension. The best part is, you would not have to type them ever again when logging in as the application has an automatic login function.
All in all, the incident did not cause any trouble for anyone. What it did is help spread awareness on how simple it is to hack a printer and how terrible the consequences could be, as no doubt those receiving the message have thought about what could have happened if this was not a joke, but an actual attack from someone with malicious intentions.