Securing the office printer closes an unlocked door hackers exploit to reach company data. A low-level copycat hacker can access a company network through a network printer. Watch out if your printer setup fits the criteria.
- The printer is old and out of support;
- You disregard firmware updates;
- The administrator password has never been changed;
- Look! Is that a picture of PewDiePie coming out of that printer?
Indeed, yes. A group of hackers actually hacked a punch of corporate and home printers in order to print posters in support of the streamer (supposedly in order to bring awareness about cybersecurity, and convince people to subscribe).
Six Steps to Securing the Office Printer
- Assume that network printers are not secure out of the box. Many have default administrator usernames and passwords that must be changed. This is easily configured in the utility settings of a new printer.
- Always make sure to use the latest firmware for any printer. That is how manufacturers fix known vulnerabilities. Out-of-support printers are the most vulnerable because manufacturers stop updating firmware.
- Limit wireless printer connections to a WPA2 encrypted access point. Require log on credential for print functions.
- The difference between consumer and business-class network printers is software for monitoring. Check out: HP JetAdvantage Security Manager, Brother Device Management & Security, or Lexmark Markvision.
- Make sure to turn off unused or unnecessary protocols that allow remote access to your printer. A reliable firewall or UTM guards against MIM printer hacks from outside the network. Configure the network settings so the printer responds only to commands from specified ports on a network switch or router. IPPS protocol is the standard for secure (SSL port 443) printing on new printers.
- Remember: printers store images of the documents they print. Configure a printer to purge its memory, or disable the storage functionality. Alternatively, you may set up encryption using the printer utility or firewall settings to safeguard printer storage.
How much of an issue is office printer hacking?
Insecure factory settings combined with corporate negligence is a wicked combination. A hacker called Stackoverflowin reportedly hacked 150,000 printers from 2016-2017 using a script that detects open ports a printer uses to connect.
In Singapore, cybersecurity researchers strapped a smartphone on a drone, and programmed it to detect open Wi-Fi printers in office towers. It looks remarkably easy to compromise the network through a printer.
Hacking a network printer from the web
In 2013, HP reported and issued patches for networked printers with a vulnerability that showed how a remote hacker could see the admin password as a simple hex representation. The hack also exposed the Wi-Fi password of the network.
Here’s the list of affected printers reported by HP in 2013. Source
Summary
Using a network Wi-Fi printer out of the box is never advisable. New business-class printers make configuring security features a straightforward process. Turn off any unnecessary protocols for access when securing the office printer; you never know when Christian Slater might be lurking around.
