Bomb Threats Received in New Jersey via Networked Printers & Fax Machines

By Ron Benvenisti. Within the past week, numerous businesses and organizations in New Jersey and across the United States have reported bomb threats received via networked printers and fax machines, as well as through email.

The NJCICC reported today that on Tuesday, at least 12 New Jersey organizations received bomb threats, however, none of which were deemed to be credible. Similar threats were received by schools and hospitals across the nation which forced evacuations, disrupting operations and costing both the victims and first responders time and money.

Internet-connected printers and faxes have been compromised to deliver threats in similar incidents in the past. In March 2016, several universities reported receiving Nazi propaganda via their printers and, in February of this year, a teenager in the UK reportedly hacked 150,000 printers, including those connected to restaurant point-of-sale systems. In both cases, the perpetrators claimed their intentions were to highlight the need for organizations to better secure their printers and networks, and their point is not unfounded. A quick search on Shodan, a search engine for internet-connected devices, reveals large numbers of printers that are open and exposed to the public internet. Currently, in New Jersey, approximately 800 devices with port 9100 open to the internet, there are nearly 1,000 devices with port 631 open, and over 2,100 devices with port 515 open. These are ports typically used by internet-enabled printers and, with minimal effort or technical ability, can be used by hackers to remotely send print requests to networked printers.

Organizations using internet-enabled and multi-function printers isolate them from the public internet, change the default password to the administrative control panel, close all unnecessary ports and services, whitelist IP addresses/IP subnets or require a VPN to access the local network, and keep all firmware updated. If you receive a similar threat, immediately report it to your local police department and submit an incident report to the NJCCIC.

Ron Benvenisti
CyVision Technologies, Inc

This content, and any other content on TLS, may not be republished or reproduced without prior permission from TLS. Copying or reproducing our content is both against the law and against Halacha. To inquire about using our content, including videos or photos, email us at general@thelakewoodscoop.com.

Stay up to date with our news alerts by following us on Twitter, Instagram and Facebook.

**Click here to join over 20,000 receiving our Whatsapp Status updates!**

**Click here to join the official TLS WhatsApp Community!**

Got a news tip? Email us at newstips@thelakewoodscoop.com, Text 415-857-2667, or WhatsApp 609-661-8668.

1 COMMENT

  1. I’m a salesman and visit many of my clients on a weekly basis. My phone is set to always look for open Wi-Fi connections for my Waze and GPS Navigation as well as just getting a fast connection for my email, etc. So many times I get notified of an open Wi-Fi connection that turns out to be a printer. I’m going to pass this on to my clients where this happens. Thanks for pointing it out. I always enjoy your articles, especially when they hit home like this one. Please keep it up and thanks.

Comments are closed.