When we think about data security, we most often consider computers and computer networks as ground zero in the battle against data hacking and cyberattacks. But office printers, copiers and multifunction devices can also present a significant risk that experts warn is too often overlooked. Because most office copiers and MFPs are networked devices, they are just as vulnerable to threats as any other IoT device, and yet they are the most overlooked when it comes to security.
Ever since the inception of LaserJet printers back in the late 1980s, printers have presented security issues. And the risks expanded when printers morphed into the networked, multifunctional business machines that they are today. The evolution of the office printer — from paper pusher to a connected device that can fax, email, scan, capture, and route information — means malicious actors have one more tempting target to attack.
Perhaps the most famous printer hack occurred in December 2018 when a Twitter user targeted more than 50,000 insecure printers and forced them to print off streams of paper, each urging the victims to “Subscribe to PewDiePie.” If you’re not familiar with PewDiePie, he’s a famous YouTube personality and the hijack appeared to be a brute-force attempt to raise the video star to the top of YouTube’s ranks. While essentially a prank, the hacker revealed a deeper intention in an anonymous interview with The Verge: “People underestimate how easy a malicious hacker could have used a vulnerability like this to cause havoc. The whole process took no more than 30 minutes.”
Cybersecurity experts continue to warn us about the security vulnerabilities of printers. One team conducted an experiment in August 2020 aimed at demonstrating the importance of protecting printers from becoming easy prey for cybercriminals. Experts from CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. A custom script was specifically designed to only target the printing process without gaining access to any other features or data stored on the printers. The ease with which this was accomplished speaks volumes about the general lack of protection of networked printer devices worldwide.
To perform the experiment, the good-guy hackers used Internet of Things (IoT) search engines to search for open print devices that utilized common ports and protocols. What they found were more than 800,000 printers that had network printing features enabled and were accessible over the internet. After selecting a sample of 50,000 open printers, the CyberNews team managed to print out PDF documents on 27,944 unprotected devices.
“As we can see, many users and organizations still use internet-connected devices without thinking about security, installing firmware updates, or taking into account the implications of leaving their devices publicly accessible,” said CyberNews. “This means that the humble printer remains one of the weakest links in the security of both organizational and home networks.”
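The exposure described above can be checked against your own fleet. The following is an added example, not code from CyberNews or from the original article: it tests whether printers you administer accept TCP connections on the standard printing ports (515, 631 and 9100, which are supplied here as an assumption, since the article names no ports). The host list and the local stand-in listener are constructed for illustration.

```python
import socket

# Well-known TCP ports for network printing. These numbers are added for this
# example; the article itself only says "common ports and protocols".
PRINT_PORTS = {515: "LPD", 631: "IPP", 9100: "raw port 9100 printing"}


def port_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port is accepted."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:  # refused, timed out, unreachable, unresolvable
        return False


def audit_printers(hosts, ports=PRINT_PORTS, timeout=1.0):
    """Return {host: [(port, service), ...]} for hosts with reachable print ports."""
    findings = {}
    for host in hosts:
        exposed = [(port, name) for port, name in sorted(ports.items())
                   if port_open(host, port, timeout)]
        if exposed:
            findings[host] = exposed
    return findings


def demo():
    """Constructed self-check: a local listener stands in for an exposed printer."""
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))  # the OS picks a free port
    listener.listen(1)
    port = listener.getsockname()[1]
    try:
        return port, audit_printers(["127.0.0.1"], {port: "stand-in print service"})
    finally:
        listener.close()


if __name__ == "__main__":
    # Hypothetical inventory: replace with addresses of printers you administer.
    my_printers = ["127.0.0.1"]
    for host, exposed in audit_printers(my_printers).items():
        for port, name in exposed:
            print(f"{host}: {name} reachable on TCP {port}")
```

Run it from outside the trusted network segment against your printers' addresses: any finding means a print service is reachable from that vantage point and needs a firewall rule or an access control list.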
Are you at risk?
The data security risk associated with printers is higher than most people realize. Printers are accessed by a variety of people and, given their storage capabilities, can contain enormous amounts of data. This can be highly sensitive information that includes every document that’s been printed, scanned, or sent via that device. And because printers are often connected to company emails, once a hacker gains access to information he can simply email it to himself with no one the wiser.
Printers are risky because IT staffers often don’t take the necessary steps to protect them. For example, one of the most critical moves – changing the default password to something strong and unique – is too often never taken. Ignoring that simple step gives almost anyone access to the printer.
Wireless printing brings additional risk because it expands the potential access points for hackers. With Wi-Fi, an attacker can carry out proximity attacks while being physically outside the building. Once access is gained, the cyberthief has the ability to connect the printer to a malicious network, steal and reroute information, and execute harmful code without anyone noticing.
Manufacturers must act
It’s not just IT techs and users that need to take heed; manufacturers and suppliers must also take additional measures.
“It’s very important that manufacturers continue to invest in security for all devices, just as corporate IT teams should guard against IoT-related vulnerabilities,” said Matt Lewis, research director at British cybersecurity advisory NCC Group. NCC is famous for discovering in 2019 that printing systems from a number of leading manufacturers had vulnerabilities that, when left unpatched, could allow third parties to remotely access corporate networks. “Building security into the development lifecycle would mitigate most, if not all, of these vulnerabilities,” said Lewis in a statement.
Printers are an often overlooked soft target that can make a cyberattacker’s job much easier, despite extensive built-in security features. What can you do? Protect your printer as you would protect any other device on your network. Follow these best practices.
Turn security options ON. The irony is that most enterprise printers today ship with sophisticated security controls that can be configured to suit most users’ needs but are typically turned off by default. And since many organizations outsource their printers to managed print services providers, it’s easy for security options and configurations to slip through the cracks. Security leaders often have poor visibility into printer deployments because procurement is usually done outside of the IT purchasing cycle, without the security team in the loop. So make sure to turn on the available security options.
Keep the printer operating system up to date. Updates improve your printer’s security and reduce its exposure to risk. Some updates even fix security vulnerabilities. The trouble is that printers often go unpatched. A Ponemon Institute survey of nearly 3,000 cybersecurity professionals found that almost half of organizations suffered a data breach in the last two years. Of these, the majority said that they had been breached because of a vulnerability for which a patch was already available. It is important, therefore, to ensure printer operating systems are patched and up to date.
Change user PINs and passwords regularly. You may occasionally think about passwords for your computers and network systems – and the need to periodically change these passwords – but when was the last time you updated the password for your printer? If a password is unchanged for a long period of time or is the same across all devices, there is a higher chance of a security breach. So it is important to periodically review and change printer passwords. And remember, do not use default passwords such as “1234” or the actual word “password.” (Don’t laugh … it happens with printers more than you think.)
Use multifactor authentication (MFA). You can provide enhanced security using MFA, a system that verifies a user’s identity by requiring multiple credentials. For example, if a printer requires a personal PIN to use, you could enter the PIN, then complete a second authentication step on your phone or your computer to prove your identity. The credentials typically fall into several categories: something you know (a password), something you have (a key fob or a SIM card), and something specific to you (a thumbprint, a location, or a specific time). By adding these additional layers of security, you make it harder for bad guys to log in as if they were you.
It may not always seem like it, but your office printers can play a big role in your data and document security. Printers hold a great deal of information and provide an easy access point to your office network, making them very vulnerable to security breaches. It’s time to see them as the full-fledged networked computers they really are. Attackers do. It is important to make printer security a priority in your organization to keep your data safe. Protect your network by following these best practices for networked printer security. Like any networked device, printers that are not properly managed can expose sensitive data to unauthorized access and misuse.