A Twitter user named TheHackerGiraffe claimed responsibility for hacking 50,000 printers worldwide to print out #SavePewDiePie leaflets. The hacker then revealed exactly how he did the hack, showing some glaring vulnerabilities in networked printers everywhere. In this guide, I’ll go over exactly what you can do to make sure your printer is always protected.
How to Protect Your Printer Against Hackers
How TheHackerGiraffe Hacked into 50,000 Printers Worldwide
In a long and convoluted twitter thread, TheHackerGiraffe actually into detail about how he pulled off the now-infamous hack. According to the thread, his intentions were to point out how vulnerable printers (and by extension IoTs) are. Whether that’s true or not, this hack does show just how easy it is for anyone to get access to IoT devices.
TheHackerGiraffe used Shodan, the IoT search engine, to try and find vulnerable printers around the world. He found over 800,000 results and picked the first 50,000 printers running on port 9100. Then, he decided on the message he wanted to print, found a printer exploitation toolkit on Google and typed up a particular script for the hack. He then ran the script onto his server, opened a tmus session, and ran the script there. After leaving the script to run for a while, he came back to find that hack was all over Twitter.
If you look at the twitter thread, you’ll realize that his motivation to hack into the printers started out because he was bored but eventually turned into a demonstration of how susceptible printers and all IoT devices are to hacks.
How to Keep your Printer Safe
There are a few things you can do if you want to protect your printer from being hacked in the future.
Keep Your Printer Offline
The first and most logical way to protect your printer from getting hacked is to keep it offline. Now this might be an easier option for at-home printers or personal-use printers because you don’t really need to have it connected to the internet.
This might not be the best option for an office printer, for example, as having it be a part of your network makes it a lot more useful for the whole office. However, if you don’t absoutely need to have your printer online, don’t do it.
Change the Default Username and Password
This suggestion shouldn’t really be on this list because it should already be common practice. Sadly, it’s not. A lot of people don’t change the default username or password on any of their IoT devices, let alone a printer.
As you can see from the hack I discussed above, all IoT devices in the world can be found on Shodan. To fully understand why this step is important, open the search engine up and type in the word “printer” in the search bar. You’ll see that the results will give you an IP address, a location, if anything is in the queue to be printer, and even the name of the organization the printer belongs to (if applicable), and so much more. In other words, there are enough details in those results to make it very easy for someone to hack into your device.
Changing the Username and Password won’t remove your printer from Shodan, but it will make it a little more difficult for someone to gain access to that printer. Since most hacks are now so wide-scale, this might be enough to get a hacker to drop your device and select a different, easier one to hack.
Turn Off Vulnerable Ports on Your Router
TheHackerGiraffe managed to make more people aware of port vulnerabilities. A port is the location where certain information is sent to. It’s preferable for you to close ports 9100, 515, and everything between port 721 and 731.
You can only close a port through your router’s configuration page. This process differs per router so your best bet is to check your router’s manual for how to do that.
This tip for keeping your printer safe might not be a good option for someone who isn’t tech savvy.
Install a VPN on Your Router
The only way to guarantee that your internet connection cannot be hacked into is to use a VPN. Sadly, since printers are IoT devices, you can’t really install a VPN on them directly. Luckily, there is a way to protect all of your devices, IoT or Smart, with one VPN account.
All you have to do is install a VPN on your router. We’ve written a lot of guides on how to install a VPN to different router types. Feel free to search for yours on our site for a detailed guide.
You can also get an idea of what installing a VPN onto a router entails by reading our general installation guide. You will need to have some technical knowledge to do this, but if you follow the guides step-by-step you should be able to do this either way.
I personally suggest using ExpressVPN as your router VPN because of the incredible service you’ll receive. Also, this VPN provider is one of the few providers that can still access different Netflix regions, so you can also incorporate it into your daily entertainment. See, Installing a VPN on a router means that your Smart TV gets all of the VPN goodness too!
If you don’t want to go with ExpressVPN, try out these top-tier provider instead:
- Best for streaming and privacy
- High speed servers in 160 VPN locations
- Works for Netflix, BBC iPlayer, Amazon Prime Video, and Hulu
- 24/7/ live chat support
- 3 extra months free on annual plan
- UltraHD streaming
- Free Smart DNS proxy
- Unblocks all major streaming services
- Limited Time 72% Discount
- Unlimited VPN connections
- Over 1000 servers
- Ad-blocking feature available
- 7-day free trial
- User-friendly application
- Standalone Smart DNS subscription available
- Extra security features
- Extensions for Firefox and Chrome
- Split-tunneling available
How to Protect Your Printer – Final Thoughts
Security experts have been talking about the vulnerability of IoT devices for a very long time. This time it looks like the lesson might have been too loud to ignore. The Internet of Things has added a lot of value to modern day life, but that doesn’t mean that we should be passive consumers. These devices are vulnerable to hacks, so its up to you to protect your own IoTs. I have a VPN installed onto my router, so I don’t worry about anyone getting to my devices anymore. I highly suggest that all of you do the same for your router. Let me know in the comments if this was helpful. If you have any more suggestions please feel free to share!