This article is sponsored by HP
For most IT decision makers, printer security is not a topic that usually comes to mind. Providing the IT security department is doing its job and follows the IT security compliance framework, there's nothing to worry about; right? Wrong; think again.
You are likely already familiar that as multi-function printers (MFPs) have expanded their range of features, they have increasingly become a viable threat vector for hackers. With features such as internal storage, Wi-Fi connectivity, cloud-based access, the average MFP can now have over 250 different settings and more than 150 vulnerabilities. Putting that into context, whilst every device carries its own level of risk, the problem is that IT security compliance frameworks have not kept up with these changes. This means that the security procedures in place for your MFPs are likely to be insufficient to protect your network.
For example, does your IT security team do a security audit of your printers? Are they tracking printer sys logs or connecting printer data to your security information and event management systems? Or even, does the possibility that one of your MFPs could be infected even come to mind when thinking about security? More often than not, the answer to these questions is no; and if this applies to you, this needs to change fast.
Rethinking Printer Security
"But just how significant is the risk of a cyber-attack via an MFP anyway?" you might ask. Well, there have been several reported incidents of note. In May 2015, researchers from the Singapore University of Design and Technology demonstrated how a drone and an application running on an Android smartphone could intercept sensitive documents sent to a Wi-Fi printer.
So sensitive documents could still be intercepted even if the drone is not in close physical proximity to the printer (since the drone could hover outside an office window) and is not connected to the local network. Pretty clever, but perhaps this is not significant enough to necessitate change by itself.
Another more serious example involves the infamous Shodan tool, which can be used to detect thousands of office printers - some with gigabytes worth of internal storage - that are connected to the internet. The researcher behind this particular vulnerability, Chris Vickery, found that HP printers with port 9100 left open essentially provide malicious actors with an anonymous FTP server to launch executable code from.
Sign up for Computerworld eNewsletters.