Securing your printer

securing your printer.jpg

We all use printers: at home or at work.

They come in various makes and models; some are basic, while others are a mini computer that does almost everything, except make coffee.

But how secure is your printer from being hacked by someone in a foreign country, or the young teen next door? Using the Internet of Things search engine, Shodan, a simple search for a brand of printer, like Fuji Xerox or Sharp, will yield thousands of results showing which of these printers are connected to the internet. Some are only accessible with a password, while there are many that are open via port 80 or 443, with your preferred web browser.

These images show how much information is available within an unsecured printer:

 

printer page1.png
snapshot.jpg

So why secure your printer?

  • It's often plugged into the network without changing the default settings
  • Security patches and new firmware are often rarely updated
  • Many printers are accessible from the internet
  • Printers are like mini computers and so can be hacked
  • If the printer is connected to the internet, it can be used by outsiders

What can a hacker do?

  • Launch a Denial of Service attack (DOS) and crash your printer
  • Use the printer as a platform to attack computers on your business network
  • Install Malware to give back-door-access
  • Store unauthorised data
  • Retrieve scanned and printed documents
  • Use this information to mount a Social Engineering attack against the business
  • Print objectionable material
  • Screw up the printers' settings

Recommendations

  • If you have a basic printer, add a configurable firewall
  • Implement recommended manufacturer's security features
  • Change the default password
  • If available use Access Control Lists (ACLs) to block unauthorised access
  • Remove the default Gateway from the printers IP configuration
  • Turn off unnecessary features, like FTP, Telnet and allowing external access with HTTP and HTTPs
  • Sensitive data? Encrypt the printer's hard drive and even encrypt all documents sent to it from computers
  • Update and patch regularly as required
  • If in a very small office, just plug the printer straight into the computer

Watch this video for more details