Columbia University researchers have recently found a security exploit that can not only leave your personal information open for hackers to steal, but can also end up blowing up your printer and setting your house on fire. No, we’re not kidding. The researchers have found that certain internet-connected HP LaserJet printers (but could potentially be any model of internet-connected printers) are vulnerable to a malware attack that would give total control of your printer to a hacker from anywhere in the world.
This security exploit works whenever a certain document is sent to the printer, if that document were to have the specific malware code, it would reinstall the firmware of the printer, granting access to the hacker that wrote the code. And since the printer is connected to the internet, the hacker would be able to control it all times.
Once inside the controls of the printer, the hacker would be able to access all information being sent, potentially stealing personal information. And not only is your personal information and identity at risk, but this access would also allow the hacker to control the inner workings of the printer, such as continuously heating up the printer’s fuser (meant to dry the ink on the paper), which would cause the paper to catch on fire and destroy the printer itself.
So how would you know if your printer is infected, and how would you be able to fix this breach? At this point, the news is grim: there is no easily way to detect or defend against the attack; not unless you’re willing to take out the actual infected hardware and replace it with a different component. Or, you could make sure your printer isn’t connected to the web. However, all is not lost for all HP LaserJet printers. HP announced that this vulnerability has mainly been popping up on older models of the printers and the new and updated versions have a much higher level of security to keep hackers out.
This update, which should make everyone who bought a printer within the last year feel much safer, actually worries security experts even more. The reason being is that with all of our technology now being connected to the internet, it could be just a matter of time before hackers learn new ways of exploiting our internet-connected devices from TVs and video game consoles, to our entire homes. Hopefully security experts stay one step ahead of the hackers and create the type of encryption that will keep all of our digital devices truly safe.
Update: HP has confirmed that the printers do indeed contain a firmware vulnerability that allows hackers to gain access (which HP is currently working on a patch for). As to reports that this hack can start a fire, there is thermal control hardware built into the printers that would prevent the paper from overheating to the point of inflammation. The paper will, however, come out extra toasted.