Monday, March 8, 2021
  • Setup menu at Appearance » Menus and assign menu to Top Bar Navigation
Advertisement
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News
No Result
View All Result
NikolaNews
No Result
View All Result
Home Internet Security

80,000 printers are exposing their IPP port online

June 23, 2020
in Internet Security
80,000 printers are exposing their IPP port online
587
SHARES
3.3k
VIEWS
Share on FacebookShare on Twitter

For years, security researchers have warned that every device left exposed online without being protected by a firewall is an attack surface.

You might also like

Maza Russian cybercriminal forum suffers data breach

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

Hackers can deploy exploits to forcibly take control over the device, or they can just connect to the exposed port if no authentication is required.

Devices hacked this way are often enslaved in malware botnets, or they serve as initial footholds and backdoors into larger corporate networks (Russian hackers already use this technique).

However, despite this being common knowledge among cyber-security and IT experts, we still have a large number of devices that are left exposed online unsecured.

IPP exposure

In a report published earlier this month, security researchers from the Shadowserver Foundation, a non-profit organization focused on improving cyber-security practices across the world, have published a warning about companies that are leaving printers exposed online.

More specifically, Shadowserver experts scanned all the four billion routable IPv4 addresses for printers that are exposing their IPP port.

IPP stands for “Internet Printing Protocol” and, as the name suggests, is a protocol that allows users to manage internet-connected printers and send printing jobs to printers hosted online.

The difference between IPP and the multiple other printer management protocols is that IPP is a secure protocol that supports advanced features such as access control lists, authentication, and encrypted communications.

However, this doesn’t mean that device owners are making use of any of these features.

Shadowserver experts said they specifically scanned the internet for IPP-capable printers that were left exposed without being protected by a firewall and allowed attackers to query for local details via the “Get-Printer-Attributes” function.

In total, experts said they usually found an average of around 80,000 printers exposing themselves online via the IPP port on a daily basis.

The number is about an eighth of all IPP-capable printers currently connected online. A normal scan with the BinaryEdge search engine reveals a daily count of between 650,000 and 700,000 devices with their IPP port (TCP/631) reachable via the internet.

Issues with not securing the IPP port

There are several major problems with leaving the IPP port fully exposed online without any additional protections, such as a firewall or authentication mechanism.

For starters, Shadowserver experts say this port can be used for intelligence gathering. This was possible because a large percentage of IPP-capable printers returned additional information about themselves, such as printer names, locations, models, firmware versions, organization names, and even WiFi network names.

Attackers can collect this information and then search through it for enterprise networks on which they’d want to focus future attacks.

Furthermore, around a quarter of the total number of IPP-capable printers (around 21,000) also exposed their make and model details. Shadowserver researchers say exposing this information “obviously makes it much easier for attackers to locate and target populations of devices vulnerable to specific vulnerabilities.”

Making matters worse, tools for IPP hacking are also readily available online. Tools like PRET (Printer Exploitation Toolkit) support IPP hacking, and they’ve also been used in the past to hijack printers and force them to print various propaganda messages. However, the same toolkit could also be used for much worse, such as taking over vulnerable devices entirely.

Free daily IPP exposure report

The Shadowserver Foundation, says that going forward it plans to publish daily reports on IPP exposure on its website.

“We hope that the data being shared in our new open IPP device report will lead to a reduction in the number of exposed IPP-enabled printers on the Internet, as well as raise awareness of the dangers of exposing such devices to unauthenticated scanners/attackers,” the organization said in a report published this month.

Companies or national CERT teams that have subscribed to the organization’s security alerts will receive automatic notifications if any IPP services are exposed online within their networks and countries’ IP address spaces.

However, the Shadowserver Foundation, which has gained quite a following in the infosec community for its work in fighting and sinkholing botnets, says that companies should look into securing their printers while they still haven’t been exploited.

“It is unlikely that many people need to make such a printer accessible to everyone,” the organization said. “These devices should be firewalled and/or have an authentication mechanism enabled.”

The Shadowserver Foundation’s proactive advice to dealing with internet-exposed devices is consistent with the findings of an academic study from last year, which found that DDoS takedowns are usually ineffective, and law enforcement should focus on getting systems patched in order to limit an attack vector’s usefulness for an attacker.

To configure IPP access control and IPP authentication features, users are advised to check their printers’ manuals. Most printers have an IPP configuration section in their administration panel from where users can enable authentication, encryption, and limit access to the device via access lists.

Credit: Zdnet

Previous Post

Hackers Using Google Analytics to Bypass Web Security and Steal Credit Cards

Next Post

New research institute puts $5 million toward AI to battle COVID-19 spread and its social impact - Pittsburgh Post-Gazette

Related Posts

Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud
Internet Security

Okta and Auth0: A $6.5 billion bet that identity will warrant its own cloud

March 7, 2021
CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now
Internet Security

CISA issues emergency directive to agencies: Deal with Microsoft Exchange zero-days now

March 7, 2021
Linux distributions: All the talent and hard work that goes into building a good one
Internet Security

Linux distributions: All the talent and hard work that goes into building a good one

March 7, 2021
Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool
Internet Security

Check to see if you’re vulnerable to Microsoft Exchange Server zero-days using this tool

March 7, 2021
Next Post
New research institute puts $5 million toward AI to battle COVID-19 spread and its social impact – Pittsburgh Post-Gazette

New research institute puts $5 million toward AI to battle COVID-19 spread and its social impact - Pittsburgh Post-Gazette

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recommended

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

Plasticity in Deep Learning: Dynamic Adaptations for AI Self-Driving Cars

January 6, 2019
Microsoft, Google Use Artificial Intelligence to Fight Hackers

Microsoft, Google Use Artificial Intelligence to Fight Hackers

January 6, 2019

Categories

  • Artificial Intelligence
  • Big Data
  • Blockchain
  • Crypto News
  • Data Science
  • Digital Marketing
  • Internet Privacy
  • Internet Security
  • Learn to Code
  • Machine Learning
  • Marketing Technology
  • Neural Networks
  • Technology Companies

Don't miss it

Here’s an adorable factory game about machine learning and cats
Machine Learning

Here’s an adorable factory game about machine learning and cats

March 8, 2021
How Machine Learning Is Changing Influencer Marketing
Machine Learning

How Machine Learning Is Changing Influencer Marketing

March 8, 2021
Video Highlights: Deep Learning for Probabilistic Time Series Forecasting
Machine Learning

Video Highlights: Deep Learning for Probabilistic Time Series Forecasting

March 7, 2021
Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027
Machine Learning

Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027

March 7, 2021
Maza Russian cybercriminal forum suffers data breach
Internet Security

Maza Russian cybercriminal forum suffers data breach

March 7, 2021
Clinical presentation of COVID-19 – a model derived by a machine learning algorithm
Machine Learning

Clinical presentation of COVID-19 – a model derived by a machine learning algorithm

March 7, 2021
NikolaNews

NikolaNews.com is an online News Portal which aims to share news about blockchain, AI, Big Data, and Data Privacy and more!

What’s New Here?

  • Here’s an adorable factory game about machine learning and cats March 8, 2021
  • How Machine Learning Is Changing Influencer Marketing March 8, 2021
  • Video Highlights: Deep Learning for Probabilistic Time Series Forecasting March 7, 2021
  • Machine Learning Market Expansion Projected to Gain an Uptick During 2021-2027 March 7, 2021

Subscribe to get more!

© 2019 NikolaNews.com - Global Tech Updates

No Result
View All Result
  • AI Development
    • Artificial Intelligence
    • Machine Learning
    • Neural Networks
    • Learn to Code
  • Data
    • Blockchain
    • Big Data
    • Data Science
  • IT Security
    • Internet Privacy
    • Internet Security
  • Marketing
    • Digital Marketing
    • Marketing Technology
  • Technology Companies
  • Crypto News

© 2019 NikolaNews.com - Global Tech Updates