A team of Italian researchers has compiled a set of three attacks called ‘Printjack,’ warning users of the significant consequences of over-trusting their printer.
The attacks include recruiting the printers in DDoS swarms, imposing a paper DoS state, and performing privacy breaches.
As the researchers point out, modern printers are still vulnerable to elementary flaws and lag behind other IoT and electronic devices that are starting to conform with cybersecurity and data privacy requirements.
By evaluating the attack potential and the risk levels, the researchers found non-compliance with GDPR requirements and the ISO/IEC 27005:2018 (framework for managing cyber-risks).
This lack of in-built security is particularly problematic when considering how omnipresent printers are, being deployed in critical environments, companies, and organizations of all sizes.