An anonymous reader quotes a report from ZDNet: In a report published earlier this month, security researchers from the Shadowserver Foundation, a non-profit organization focused on improving cyber-security practices across the world, have published a warning about companies that are leaving printers exposed online. More specifically, Shadowserver experts scanned all the four billion routable IPv4 addresses for printers that are exposing their IPP port. IPP stands for “Internet Printing Protocol” and, as the name suggests, is a protocol that allows users to manage internet-connected printers and send printing jobs to printers hosted online. The difference between IPP and the multiple other printer management protocols is that IPP is a secure protocol that supports advanced features such as access control lists, authentication, and encrypted communications. However, this doesn’t mean that device owners are making use of any of these features.
Shadowserver experts said they specifically scanned the internet for IPP-capable printers that were left exposed without being protected by a firewall and allowed attackers to query for local details via the “Get-Printer-Attributes” function. In total, experts said they usually found an average of around 80,000 printers exposing themselves online via the IPP port on a daily basis. The number is about an eighth of all IPP-capable printers currently connected online. A normal scan with the BinaryEdge search engine reveals a daily count of between 650,000 and 700,000 devices with their IPP port (TCP/631) reachable via the internet. What are the issues with not securing the IPP port? Shadowserver experts say this port can be used for intelligence gathering, since many of the printers scanned returned additional info about themselves, such as printer names, locations, models, firmware, organization names, and even Wi-Fi network names.
“To configure IPP access control and IPP authentication features, users are advised to check their printers’ manuals,” adds ZDNet. “Most printers have an IPP configuration section in their administration panel from where users can enable authentication, encryption, and limit access to the device via access lists.”