Tuesday, 05 Feb 2019 11:02 GMT

Vulnerable printers "halved" since PewDiePie hack

Two superfans of YouTube star PewDiePie recently hacked tens of thousands of vulnerable printers worldwide, in an attempt to gain more subscriptions to the channel.

Known simply as “User” and “Hacker Giraffe”, the two teenage hackers remained anonymous in their recent interview with the BBC, where they revealed that in the wake of the hack, the number of vulnerable printers had almost halved.

Speaking to the BBC, User says he got involved after seeing what Hacker Giraffe had achieved with the first hack and was convinced that the number of vulnerable printers was actually much higher than what Hacker Giraffe had said.

They joined forces for their biggest attack which saw 100,000 printers targeted. “I felt like I was doing something good. After this, vulnerable printers are going to drop,” says User. And they did. According to the duo, the number fell from around 60,000 to 39,000 results – a sign, they say, that people are securing their printers.

Technically speaking, the hackers did not really hack anything – instead they exploited open-port vulnerabilities which have been known about for years, just on a much larger scale.

We as manufacturers have a duty of care to educate organisations and help them mitigate any potential risk

As well as printers, the pair targeted smart TVs using Google Chromecast dongles to highlight another vulnerability of the Internet of things (IoT). A video played out on TV screens across the world warning the user to secure their device – and subscribe to PewDiePie.

“In many organisations, there may be many entry points from which their security can be breached,” says Aaron Anderson, relationship marketing manager at Kyocera Document Solutions. “By identifying where vulnerabilities may exist and proactively implementing the right the strategy and processes, this can easily be reduced.

“We as manufacturers have a duty of care to educate organisations and help them mitigate any potential risk. However, organisations must act - I would encourage all organisations to do so today.”

Kyocera says that data stored on printers must be encrypted to limit the impact of a breach, whether it is in the form of e-documents or paper formats.

By ensuring that no documents are copied to uncontrolled destinations or left in output trays, using a protected operating system for printers, closing any open and unused ports, regular device scanning and operating a secure network, businesses can prevent the chance of an attack.

If you have a news story, email summer@linkpublishing.co.uk or follow us on Twitter to have your say.