Last Updated on July 24, 2018
Nearly every office employee relies on the faithful office printer, though it’s rarely given much thought unless it breaks down or runs out of supplies. But many businesses don’t realize that, like practically everything else these days, modern printers are computers: they contain chips for data processing, hard drives for data storage and Ethernet support for communicating on the company network.
As penetration testers well know, network-connected printers are prime targets for hackers. Like any device on the network, a printer can be—and often is—a stepping-stone from which to bounce attacks on bigger targets. But savvy hackers can also extract sensitive information directly from print jobs.
When a printer receives a job via the network, the job is temporarily stored on its hard drive while the processor calculates font size, graphics, text placement, etc. After it outputs the job, the printer deletes the job file name from the print queue. But, as with PCs, the job file data (including any sensitive information) remains on the hard drive.
In 2010, CBS News ran a segment on the data available from printers. The reporter and a security researcher traveled to a warehouse where surplus printers are sold for pennies on the dollar and purchased several units. The reporter Immediately found that some of the devices still had documents in the flatbed scanner. Meanwhile, the security researcher removed and scanned the hard drives and found a treasure trove of information in every one.
Security issues are not limited to the printer itself—the output can also be hacked. Two of the most common printing languages are PCL (Printer Control Language) and Postscript, created by Adobe. Every common office printer supports one or both languages. In 2017, German researchers were able to abuse Postscript. PCL is also vulnerable. However, this type of attack is unlikely as criminals tend to focus on more lucrative endeavors, such as exploiting printers for financial gain.
Why are printers easy targets? Companies legitimately focus on what they consider more critical assets, such as databases. Many don’t take time to configure printers securely, and few upgrade to newer, more secure printers until older devices fail.
How likely is it that criminals will target your printer? That depends on the value they place on your data.
What can you do to minimize risk? Here are some common-sense security measures:
- Include office printers, including scanner and fax capabilities, in the scope of all risk assessments and applicable regulatory frameworks.
- Modify the company policy to clearly state what may—and may not—be printed. Limit printer jobs to a certain data classification level. If your office prints documents at third-party copy centers, create a policy that limits the use of these services to certain data within an approved data classification level.
- Restrict printer access from within the office. Prohibit access from remote offices, the VPN or from any other external location.
- Disable all unnecessary communication protocols such as Telnet, SNMP and HTTP. Consider using secure printing protocols, such as IPPS or TLS, if the printer supports them.
- If sharing a common printer with other businesses, evaluate the risk of printing sensitive data. Regulations such as PCI DSS would consider printing credit card numbers on printers that are shared with other non-PCI approved businesses as an unacceptable risk.
- Consider disabling the printer’s USB connection and prohibit its use. Test whether employees are able to bypass any USB restrictions.
- Learn about your printer’s security features and take advantage of them. Some printers offer a password option for the employee to enter at the device before it will print.
- Restrict access to the printer’s administrative functions by use of an administrator password.
- When the printer is to be replaced, either securely wipe or remove the printer’s hard drive.
- If a majority of employees need to print sensitive documents, consider installing the printer in a locked room with badge access so that access may be monitored.
- For departments that routinely print sensitive documents, consider installing a dedicated printer and restrict access to that section of the network from the rest of the office.
- Train all employees to remove their print jobs within a reasonable time frame and encourage them to safely discard all output at the end of the day.
- Disable printers during off-hours.
If you have particular security concerns with your internet-connected devices, reach out! Click here to contact us about your goals and concerns.