3D Printers in The Wild, What Can Go Wrong?
Xavier Mertens, a senior handler for the SANS Internet Storm Center (ISC) and Freelance Cyber Security Consultant, has researched and written on the ISC blog about the problems of 3D printers directly connected to the Internet. He says: “We have found more than 3,000 3D printers directly connected to the Internet. These printers are controlled using the open source software package “Octoprint” but it’s likely there are other tools that are similarly affected. Octoprint is not meant to be exposed in this way, and it explains in its documentation how to deploy the software in a safe way.
Since many OctoPrint instances are not properly configured and do not enforce authentication, a user wishing to connect a printer directly to the network would have to configure a proxy to provide for authentication. Once they have access to the printer, an attacker would be able to download the files that describe parts being printed. Some of these files (G-code files) may be proprietary and contain trade secrets. They may also be under copyright. The attacker would also be able to swap out these files, replacing them with files that describe similar parts that are “weakened” to produce substandard or unsafe parts. With 3D printers being used to print anything from toys to medical parts to guns, a part with slightly changed dimensions could have serious safety implications.
In addition, some printers do not have safety switches to prevent them from overheating, which means an attacker could potentially start a fire by uploading a malicious file.
To protect both the 3D printers and the files for parts being printed, it’s the same old story of implementing best practices: ensure network segmentation (i.e. don’t connect the printer to the user LAN); enable the security controls provided by the tool; and control access.”