On 25 October 2016, the UT Information Security Office released lists of 115 printers in CNS that are on public-facing IP addresses, making them accessible from the internet. Many of these printers were installed with all their services enabled and without their default admin passwords being changed.
Printers on public IP addresses pose security risks and are being exploited by bad-faith actors. Printers on campus have been used by bad-faith actors to print out offensive propaganda. Bad-faith actors have also sent commands to exposed printers to print out gibberish until all paper in the trays has been consumed. Furthermore, printers and other Internet-of-Things (IoT) devices on public IP addresses are being exploited in massive botnets, which in turn are being used in massive denial-of-service attacks against legitimate businesses on the internet.
To address these issues, the college's Office of Information Technology will be sending out student workers to move printers that are on public IP addresses onto private ones, as well as to change the default admin passwords of those printers. To facilitate their work, we will be asking that the student workers be given access to the space and printers so that they can reassign printers and test to make sure that customers can print as usual. (This often requires access to customers' computers, as well.)
By moving all printers in CNS that do not need to be exposed to the internet onto private IP addresses, we hope to end the annoyances to our customers and the waste mentioned above, as well as to securely manage a key IT resource.
Written by CNS OIT staff
Questions or comments? The best and easiest way to contact us is via the CNS Help Desk form.