Hacked Printer Shows How Lax Security Could "Doom" Your Company

We live in a world of instant gratification and hyper-connectivity. Unfortunately, the connections that bring us easy and immediately pleasant results can turn on us just as quickly as they work for us. Nowhere is this more true than in the field of technology. This was recently illustrated when a Canon office printer, connected to an outside computer server, was hacked to play "Doom."

According to pcgamesn.com, the security flaw was intentionally manifested to prove that the overly-accessible printer proved a threat to office data security. The Canon Pixma printers have a web-accessible interface that required no authentication, enabling Context Information Security analyst Michael Jordon to sneak into the system and run a copy of "Doom" on the Pixma's LED screen. This was a playful but serious reminder than any party with unpleasant intent could create firmware to monitor or manipulate the printer's output, which could be instrumental in corporate espionage or sabotage.

As Jordon explained to The Guardian, “If you can run Doom on a printer, you can do a lot more nasty things...In a corporate environment, it would be a good place to be. Who suspects printers?”

Canon has assured its users that an update, requiring a username and password for the Pixma interface, will solve any rogue infiltration programs in all models that had previously been at risk to be compromised. Who says video games never teach you anything?

There are even worse things than these guys waiting to grab your office intel.  (Image courtesy cdn.bloodydisgusting.com.)

1 comment: