Whenever most organizations are strategizing to deal with cyber threats, they tend to focus a lot on obvious areas of vulnerability, such as PCs, emails, and networks. Often, in-house cybersecurity strategists are talking about protecting endpoints or even personal devices in case of Bring Your Own Device (BYOD). Printers are just not getting the attention they deserve as potential targets for hackers. In December 2018 alone, 50,000 printers were hacked in one attack, and over 16% of security breaches can be traced to a printer hack. The good news is modern-day printer has become more sophisticated and networked than ever before, but the bad news is that the device is as vulnerable to cyber attacks as any other digital asset in your organization. Read on to find out why this is so, and discover the measures you need take to enhance your network print security.
Known or Potential Printer Security Vulnerabilities
Here’s a list of printer security risks that organizations need to address today:
- Print Job Manipulation
If hackers can intercept and decode communication between an online printer and a PC or web portal, they can manipulate and change the original print job. For example, they could edit the address on a shipping label to another physical location, allowing them to divert and steal a shipment.
- Printer as a Cyber-Attack Vector
In a typical DoS attack, hackers may lock an entire organization out of its own printer’s network, making it impossible to use the device. Most ransomware incidences are DoS breaches.
A breached printer can be used to attack other applications in a network. Hackers can use it to run arbitrary malicious code or compromise other systems (for example, by executing a denial-of-service attack on the printer or network).
- Fax Security Vulnerability
The bad guys know that your IT systems may have encryption and firewall protection, but your printer is likely unguarded. They’ll use the telephone lines connected to the printer’s faxing system to deploy malicious code remotely. The printer is part of your company’s IT network, so once a hacker accesses it, it becomes a beachhead from where to launch enterprise-wide cyber-attacks. You could lose critical data this way.
- Saved Copies on Printer’s Internal Storage and Print Data Disclosure
Hackers can target decommissioned printers to access print data from the internal memory or file system. Also, print jobs and hard drives are vulnerable to printer security threats.
Best Practices for Network Print Security
Here are the measures you can take to ensure network security for printers in your company:
- Change the System Admin Password
Set a unique password to your web portal administration panel. Doing that prevents hackers from using legitimate security credentials to gain access to your printer’s network. It’s an effective way to minimize the risk of DoS attacks on your IT systems.
- Disable Unused Protocols
Before an MFD is attached to the network, it is a general best practice to disable services and protocols that are not being used such as: legacy protocols like IPX or AppleTalk, FTP and telnet since they rely on clear text for authentication, Port 9100, LPD on port 515, IPP on 631 and SMB printing.
Encrypt the connections between your printer and the web portal from which you submit print jobs. The Secure Sockets Layer (SSL) protocol is an ideal security standard for this purpose. It makes it difficult for malicious third parties to intercept and decode print jobs (or other communication).
- Fix Bugs and Update Firmware
Hackers don’t seem to sleep—they’re always releasing more advanced malware targeting emerging printer vulnerabilities. Updating your device’s firmware and fixing recently discovered bugs can help beat these malicious actors.
- Stay Offline Unless Necessary
Most hackers rely on public internet to launch remote cyber-attacks. You can protect your printer from such threats by keeping it offline. There are allocations for private internet that may work for your organization, such as RFC 1918. You can also lock web-based hackers out of your printer network by incorporating an IST firewall.
- Secure Decommissioned Printers in the Office
Are you about to discard some old legacy printers? You need to take precautions when decommissioning printers with internal storage. For example, secure these devices in the office to prevent sensitive information from falling into the wrong hands.
Network print security is essential to the overall protection of your IT systems and data. Fortunately, there are practical measures you can take to safeguard your printer’s network. These include encryption, firewalls, patching and updating the printer’s firmware, and blocking public internet access to your fax or printing machines. Our ground team at EPM implements these best practices to optimize printer security around the clock. Contact us to learn how EPM can help you secure your print infrastructure.