Mailing Systems Technology September/October 2022

Page 22

ARE HIGH-VOLUME PRODUCTION PRINTERS

AN OPEN DOOR TO HACKERS? By Steve Berman

M

odern high-volume production printers are more than just output devices. They are sophisticated network and computing platforms that can become an open door to hackers and malicious software vulnerabilities. Just think: Everything you receive in the mail was printed somewhere. Your tax bill, your credit card statement, your banking documents, even important legal papers all originated on some computer system, which sent a composed document to a production printer. In the early days, printers were output devices connected via various physical peripheral interfaces. The original IBM 1403 line printer introduced in 1959 used a high-speed chain to imprint up to 6¼ feet per second of 11 x 14-inch fanfold pinfeed “greenbar” paper at greater than an average of 23 pages per minute. When running at full throttle, the device sounded like “somewhere between a power saw and a jet airplane,” according to its operators. The worst that could happen back then was to hear silence, which was a rare event, but indicated a system problem like when

22

SEPTEMBER-OCTOBER 2022 | MailingSystemsTechnology.com

the mainframe was waiting for a control signal from the printer, but the printer control tape did not have that particular “channel” hole punched, causing blank paper to slew at top speed in an endless loop. Today’s printers are network devices. Even small desktop printers have integrated Wi-Fi or ethernet and are very much part of the Internet of Things (IoT). These printers can have significant vulnerabilities and can sometimes be used as part of a “botnet” that hackers use to conduct a distributed denial of service (DDoS) attack. In the worst-case scenario, large production printers can be penetrated, allowing the hackers to listen to network traffic, steal documents, and install malware to take control of the device and return later for more damaging activities. Printer manufacturers are aware of these vulnerabilities, but many consumer printer models still use hard-coded “admin” passwords that are rarely changed. Here are some examples of real-world attacks on printers and the dangerous consequences:  Criminals have disabled printers that confirm SWIFT network transfers during attacks on numerous banks in India.