For years, security researchers have warned that every device left exposed online without being protected by a firewall is an attack surface.
Hackers can deploy exploits to forcibly take control over the device, or they can just connect to the exposed port if no authentication is required.
Devices hacked this way are often enslaved in malware botnets, or they serve as initial footholds and backdoors into larger corporate networks (Russian hackers already use this technique).
However, despite this being common knowledge among cyber-security and IT experts, we still have a large number of devices that are left exposed online unsecured.
IPP exposure
In a report published earlier this month, security researchers from the Shadowserver Foundation, a non-profit organization focused on improving cyber-security practices across the world, have published a warning about companies that are leaving printers exposed online.
More specifically, Shadowserver experts scanned all the four billion routable IPv4 addresses for printers that are exposing their IPP port. read more here