3D printing has the potential to revolutionize manufacturing and the way individuals consume and reuse products – plus it’s a lot of fun! But this early-stage industry has some potentially serious security issues that need to be solved before 3D printing can become an everyday tool in the home and on the assembly line. WatchGuard CTO Corey Nachreiner explains some of these issues in a new guest article published in Help Net Security.
Corey explains his four main concerns with 3D printing security: 1) that 3D printers have software vulnerabilities like any other embedded computers; 2) that those flaws are exposed if the printer is networked; 3) that print files could be sabotaged to weaken the final product; and 4) that 3D printing can be used by hackers and cyber criminals to create tools for themselves (such as 3D printing realistic-looking credit card skimming devices). Here’s an excerpt from Corey’s article where he explores and discusses 3D printing software vulnerabilities, specifically the flaws in Marlin firmware:
These simple RepRap printers often use a fantastic open source firmware called Marlin. Just last June, an external researcher found a significant buffer overflow vulnerability in the Marlin firmware. Without going into technical detail, if an attacker can trick a printer owner into loading a malicious 3D printing file (I’ll talk about G-code later), they could exploit this flaw to execute arbitrary code on your printer. Theoretically, attackers could leverage this type of flaw to load a malicious process, or perhaps install some sort of “trojanized” firmware.
Read the full article on Help Net Security to learn more about these 3D printing security flaws, and hear what Corey believes the 3D printing industry can do to fix these issues. To understand more about how another cool modern technology meshes with cyber security, read the first part of our Secplicity blog series on artificial intelligence here.
Leave a Reply