Businesses spend a lot of time, money, and energy on making sure their network is protected and sensitive data secured. Computers have the latest security packages installed and the network itself is encrypted and hidden behind firewalls.
Which is just as it should be. Unfortunately, many businesses have a soft underbelly when it comes to security – their printers.
Often overlooked, a networked printer is vulnerable to attack from an external hacker and there are also internal security concerns which should be addressed.
Are businesses being complacent about printer security?
It does seem that many businesses are underestimating the issue of printer security. Polls in North America suggest 56% of businesses don’t even include printers in their security strategy. It is fairly safe to assume a similar figure applies here in the UK.
A similarly damning statistic comes from the Ponemon Institute which revealed 65% of IT managers believe their printers are likely to be infected with malware.
Why would hackers target a printer?
Because printers are basically mini computers with processors, hard drives, and network links throughout the business they provide a convenient way onto a network for a hacker. Once they have access to the printer, hackers pose a number of threats. They can:
- Use the printer as a ‘gateway’ to the rest of the network
- Launch a DOS attack locking up the printer
- Access confidential or sensitive material from saved documents
- Print malicious or mischievous material
- Change the printer’s settings
- Display malicious messages on the LCD screen
- Access any confidential information held on the printer’s hard drive
- Clone the printer so that any document printed on the hacked printer is also printed on the hackers machine
The above are the main issues they can cause, though resourceful hackers will be able to come up with many more ways to create havoc.
How do hackers attack printers?
Despite having a similar endpoint to a PC, printers are protected less. Those on an open network are vulnerable to attack and hackers have accessed them in the past because the default passwords haven’t been changed.
Default passwords are often the catalyst for large-scale attacks. The massive DDoS attack in Europe in late 2016 was launched through CCTV devices which still had default passwords.
Harder, but no less fertile, avenues of attack are the device’s network interfaces including SNMP, WebUi, and SMTP. If these protocols are compromised the hacker can control the printer, retrieve stored information, and install their own firmware on the device.
How to protect your printer against being hacked
Obviously, the first precaution anyone with any internet enabled printer should take is to change the factory set passwords or admin codes.
Disconnect any printers which shouldn’t be on the network, you can check which of your devices are connected by using the Shodan search engine, and keep devices wired instead of wireless when practical. Businesses should also update old equipment and invest in the latest hardware to protect against attack. Many HP printers have built-in security to protect them against attack.
Printers in HP’s Enterprise series for example have advanced security features including:
- Run-time intrusion detection is a technology which protects the printer when it is at its most vulnerable; when it is connected to a network. It can also check for irregularities in the printer’s memory and firmware
- Sure Start checks the device’s BIOS every time it boots up. If it detects problems Sure Start will shut the machine down and restart after installing a safe copy of the BIOS
- A third technology found on HP Enterprise printers is Whitelisting. This firmware validates the code being run in the printer’s memory. If it detects unauthorised code it will perform an offline reboot and automatically send an advisory message to the network administrator to reload the machines firmware.
Whilst protecting printers against external attack is vital, it is also wise to mitigate against internal issues. There are many potential problems which can arise when using a shared printer in the workplace.
We’ve all done it. Sent a document to print and then forgotten to pick it up or a colleague has mistakenly walked off with it when picking up their own work. Normally there is no problems with this, the mistake is realised and rectified. But, issues arise when sensitive or confidential documents are involved. A misplaced wage slip or a list of upcoming staff bonuses can cause horrendous problems if they become public knowledge. Similarly, private emails about staff performance printed and forgotten about will come back to haunt any line manager.
But, issues arise when sensitive or confidential documents are involved. A misplaced wage slip or a list of upcoming staff bonuses can cause horrendous problems if they become public knowledge. Similarly, private emails about staff performance printed and forgotten about will come back to haunt any line manager.
There are other potential issues when using a shared printer. People clogging up the machine with big print jobs or printing complex documents on the highest settings when only a draft was needed. All are a waste of time and money.
The HP advantage
Fortunately, printers such as the HP 8720 and above are equipped with JetAdvantage Private Print which can restrict access to confidential documents, prevent waste, and save money.
Private Print prevents all the issues we discussed above when confidential information is printed on a shared machine. When using Private Print the document isn’t immediately sent to the printer. Instead it is held in the cloud until the user enters a PIN.
This way the user can wait to print the document until they are physically at the printer. Another advantage of Private Print is that documents are encrypted whilst in the cloud making them much less vulnerable to hackers.
The advantages of the printer only printing documents when the user is at the machine are obvious and can prevent all the issues which can arise when printing out confidential documents on a shared printer. It also encourages more responsible sue of the printer. A person is less likely to ‘print and forget’ a large document if they have to physically enter a PIN.
Another plus is jobs can be cancelled if no longer needed or if the highest settings were mistakenly used for a draft document.
This all saves resources, particularly time and money especially as cloud storage from HP is free.
The importance of printer security
As we have seen printer security is something all businesses should be aware of. It is apparent though that many are still potentially unaware of the issues.
Defending a network against a determined hacker is always difficult, sometimes a forlorn hope, but they can be deterred by beefing up security. One way to achieve this is for your business to not only invest in the latest security software but also the most up-to-date hardware.
The new generation of printers from vendors such as HP are designed to not only produce high-quality documents but their built-in security features ensure confidential information is kept safely away from prying eyes.