Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Think that printer in the corner isn’t a threat? Think again

John Brandon | May 4, 2016
Sitting in the corner, sometimes collecting dust, is an overlooked attack surface

Lawrence Pingree, a security researcher at Gartner, says printers pose one additional threat. An organization in the healthcare or finance sectors, where regulatory compliance is required, a printer is also subject to any inquiries – it poses a compliance risk just as much as a laptop.

The experts all said the printer security issue is not brand specific. There is a widespread problem of older printers from Canon, Xerox, HP, and many others that merely use the default firmware or don’t use any password protection for print jobs, and yet are attached to corporate networks, either through a LAN connection or over Wi-Fi.

Vickery did mention there have been reports of printer security issues with HP models, but that may have more to do with the popularity of that brand. As a result, HP has also stepped up their security, according to Pingree, mostly as a response to the potential for hacking.

Vickery says there is a new vulnerability related to Ricoh printers. He says every Ricoh printer has a backdoor admin account. To use this account, you login as supervisor with no password. At this point, you can then change the main admin password. Once you have access to the admin account, you can then change the firmware and potentially install a Trojan firmware.

Printer security tips

It’s too easy to suggest one ultimate security tip: Replace outdated printers with newer models that have protection – which would be a nice boon for printer companies. Yet, the technology in recent models has advanced to the point where it is worth considering.

Valentini says new innovations have come just in the past six months. For example, the latest HP PageWide models use a new tech called Sure Start that detects whether the printer is booting using the correct BIOS. An HP Whitelisting feature also checks to make sure the firmware has not been hacked.

Also, Xerox introduced a new feature in March of 2016 that uses encryption for all printing and scanning. Another new feature automatically deletes print jobs at power up, which reduces the likelihood that a hacker could attack a printer that is storing old print jobs.

“We expect to continue to see more product releases from printer manufactures and software vendors who are taking steps to better help organizations enable a secure print environment,” says Valentini.

Pingree adds, other than using some of these innovations, it’s important to see a printer for what it is – another server that is running an operating system and is open to attack. This means securing it just like any other endpoint and treating it as a vulnerability.

He also said it is fairly easy to overlook a common problem; it’s usually the IT admins who configure printers, and they might do so using their own credentials, potentially exposing their access privileges. An attacker could conceivably tap in and steal them.

 

Previous Page  1  2  3  Next Page 

Sign up for Computerworld eNewsletters.