Managed Print Services (MPS) Blog
Finally: A Simple Way to End Rampant Printer Hacking
Feb 19, 2018
According to the Ponemon Institute, an independent research firm focused on privacy, data protection and information security policy, reports that:
- 64% of IT managers believe their printers are likely infected with malware
- 56% of companies ignore printers in their endpoint security strategy
Not a good combination, especially considering that targeting printers is a central part of The Hacker Playbook. Here's what to do about it and how to get started.
The Hacker Playbook
"I probe around for a multifunction printer and see that it is configured with default passwords. Great I am in.
"We've compromised a number of companies using printers as our initial foothold, we move laterally from the printer, find Active Directory, query it with an account from the printer and, bingo, we hit GOLD.
– Peter Kim, author of The Hacker Playbook
Equifax Was Bad But These Hacks Were Worse
You've probably heard that the credit history of 143 million Americans was exposed as part of the recent Equifax breech, but consider there was worse:
What does this tell us? Even the best get hacked.
Known Printer Hacks
- Two researchers at Columbia University in New York found a flaw in ordinary office printers that lets hackers hijack the devices to spy on users, spread malware and even force them to overheat to the point of catching fire. – more from Scientific American
- Affinity Health was fined $1.2 million in August 2014 for HIPAA violations because hard drives on leased MFPs were not erased, exposing health information for over 344,000 people – more from Healthcare IT News
- 29,000 printers across 12 Colleges connected to the internet with an open port were hacked in March 2016, and made to print hate fliers – more from NBC News
- 50,000 printers produced more hate fliers because the same hacker struck again in August 2016 – more from the Southern Poverty Law Center
- 150,000 printers were hacked in February 2017 by a hacker claiming he did so to "raise Awareness about hacking – more from Gizmodo
What Makes the World's Most Secure Printer?
One way to minimize printer hacking risk is to use what HP claims to be "the world's most secure printers. How does HP back up this claim?
It's because HP offers both baseline office equipment security as well as next level embedded device security, the latter of which is where HP really shines and how they're differentiated from other copier manufacturers.
Baseline Device Security for Office Equipment
- Key Security Standards: FIPS 140, common criteria certification
- Security Management Tool Support: security policy compliance tool, Integration with SIEM tool
- Access Control: Group & policy based access control, DoD CAC Smartcards, certificate management
- Secure Communications: configurable certificates, IPP encrypted print, SSL encrypted SMTP, Kerberos, IPSec, 802.1x, disable network ports & protocols, SNMPv3
- Data Privacy: encrypted passwords, encrypted mass storage, encrypted PDF & email, Secure Erase (file, storage, user data)
- Device Protection: physical locks, TPM Support, Code Signing w/ validation via HSM protected key
- Notification: remote reporting of security events, security event logging, syslog alerts
- Recovery: remote initiated recovery from security events
Next Level Embedded Device Security
- HP Sure Start: each device regularly checks its operating code and repairs itself from attempted hacks
- Whitelisting: checks firmware during startup to help ensure it's authentic, good code—digitally signed by HP
- Run-Time Intrusion Detection: continually monitors activity to detect and stop attacks, then automatically reboots
Get a Security Risk Assessment for Your Office Equipment
Our security assessment will determine your level of risk for a breach for each printing device in your fleet. We then offer recommendations for the right combination of software and hardware to close the gaps and keep the hackers out.
Request a Printer/MFP Security Assessment