May 4, 2016
CSO reported on printer hacking, notifying users that if they “think that printer in the corner isn’t a threat”, they should “think again”. The printer as an “overlooked attack surface” comes as “many companies don’t bother to update the firmware”, or “don’t include every model in a security audit”, while many assume “a hacker won’t bother”.
The site believes that “because a printer is so innocuous and seemingly harmless, that’s the exact reason it poses a threat”. According to IDC research, 35 percent of all office security breaches “were traced back to an unsecured printer” of MFP, costing businesses around $133,800 (€116,540), and printers are not often protected when “outdated” and running “original firmware”.
Chris Vickery, a so-called white hat hacker and Security Researcher at MacKeeper, told CSO that “printers at first may seem like a benign issue, however you have to remember that they are mini-computers. Getting control of a printer within an organisation can provide a foothold for further attacks and a position to ‘pivot’ out of into networks”. The article added that “gaining access to the network through the printer” is perhaps the “most serious threat” posed by printer security issues.
Other threats include “capturing every document sent to the printer”, causing a “serious business intelligence compromise”, while IDC Security Researcher Arianna Valentini, added that “apart from the actual hacks into the printer itself, another security concern has to do with documents left unattended”. Older printers have no security, so a thief could steal documents, digitise them and “sell company secrets”, and Vickery adds that this “arose partly due to neglect”.
OEMs are also to blame for how they have “failed to protect the devices”, with default password protection said to be “one of the biggest innovations in printer security”. Gartner Security Researcher Lawrence Pingree contributed one further threat, where organisations that require regulatory compliance will see printers “subject to any inquiries”, as much as a laptop might be. Issues are not “brand-specific”, though HP Inc has “stepped up” its printer security lately.
Ricoh machines also experience a “new vulnerability”, as they each have a “backdoor admin account” which allows anyone to login “as supervisor with no password”; you can then change the main admin password, access the account and “change the firmware”. In terms of advice, CSO comments that “it’s too easy to suggest” replacing older machines with new ones, but “the technology in recent models has advanced to the point where it is worth considering”.
Valentini highlighted HP Inc’s new PageWide machines that utilise the Sure Start technology to detect if a printer is “booting using the correct BIOS”, while Xerox launched a new feature in March that “uses encryption for all printing and scanning”, as well as automatically deleting print jobs when a printetr is powered up. She added that “we expect to continue to see more product releases from printer manufacturers and software vendors who are taking steps to better help organisations enable a secure print environment”.
Pingree concluded that it’s important to “see a printer for what it is – another server that is running an operating system and is open to attack”, meaning it needs to be secured. IT admins usually use their own credentials and set up printers, which could leave them open to hacking, and CSO wrapped up its article by stating that “there are too many options for attack […] it’s important to address any possible scenarios, even if the printer then resumes collecting dust”.
Categories : Products and Technology