When you need to print a document, you might not think about what happens once you hit the “send to printer” button. However, discovering a significant security threat stemming from a flaw in computer-to-printer communication might have you paying more attention. Researchers found a flaw in the Common UNIX Printing System (CUPS) that hackers can abuse to make DDoS attacks more widespread.
According to the researchers, the CUPS flaw can help DDOS attacks reach up to 600 times more devices. Considering the potential impact such a massive attack can have on a business, it’s critical to make mitigation strategies a priority.
What Is CUPS, and Why Is It Vulnerable?
Apple developed CUPS, an open-source printing system for UNIX-like operating systems, including MacOS and Linux. The system supports communication between devices and printers, using the Internet Printing Protocol (IP) to allow devices to discover printers and send jobs into the queue across the network. Essentially, it will enable you to print your projects and documents, whether you’re using a local or network printer.
Unfortunately, hackers have discovered a CUPS vulnerability that they can exploit to launch vicious attacks; in fact, there are four separate flaws, and when used together, they can wreak havoc. Hackers can create fake printers that CUPS can discover on the networks by chaining the vulnerabilities. When users send jobs to these malicious printers, their device launches a malicious command, which causes it to send repeated requests to the target.
Because nearly 200,000 internet-exposed devices have this issue, CUPS flaw DDoS attacks can weaken organizations with servers that become targets. Security researchers estimate that only about 34% of those exposed devices have the potential of becoming part of a DDoS attack, but that’s still more than enough to launch debilitating attacks in mere minutes.
Protecting Your Network From This New Attack Vector
Cybercriminals don’t waste time taking advantage of recently discovered vulnerabilities, so you must take action now to prevent your business from becoming part of a CUPS flaw DDoS attack. Because so many companies neglect to follow best practices and update older software, it’s easy for hackers to take advantage of weaknesses in no time after their discovery.
Beefing up your network security is the first step to stopping hackers from exploiting the flaw. If printing capabilities are essential within your organization, upgrade to the latest version of CUPS immediately. Doing so will close the loophole hackers can use to deliver their malicious payloads and improve overall security and performance.
In organizations where printing isn’t an essential function, removing CUPS can effectively eliminate the flaw and bolster security. Removing the open-source utility can also free up system resources.
If you have any internet-accessible service ports, be sure to firewall them. Do this regardless of anything else you do to stop CUPS flaw DDoS attacks. Ultimately, you must weigh the importance of printing capabilities against protecting your company.
