By Louella Fernandes, Quocirca
The recent news that 50,000 printers were hacked and produced unsolicited print-outs highlights the potential ease with which hackers can access internet connected printers. According to reports, the hacker scanned the Internet to find the list of vulnerable printers with port 9100 open, exploiting them to output a message to urge people to subscribe to popular blogger PewDiePie’s YouTube Channel. This is not the first time this type of printer hack has occurred; in 2017 thousands of printers were hacked through the same port.
While this was arguably a relatively harmless stunt, it brings attention to the fact that printers do present security vulnerabilities. Like any other network endpoint, they need to be protected, and left unsecured they can be the weakest link in the IT security chain. Today’s smart multifunction printers (MFPs) have many points of vulnerabilities.
Along with the capabilities to capture, process, store and output information, most print devices also run embedded software. Information is therefore susceptible at a device, document and network level. Not only can confidential or sensitive data be accessed by unauthorised users, today’s evolving Internet of Things (IoT) threat landscape, hackers that target printers with lax security can wreak havoc on a company’s network. Data stored on print devices can be used for fraud and identity theft and once hackers have a foothold, the unsecured print device provides an open door to the network. Compromised devices can be harnessed as botnets and used as launch pads for malware propagation, DDoS attacks and devastating ransomware attacks.
To address these threats, print devices need to include robust security protection. The challenge is that while more manufacturers are embedded security in new generation devices, most organisations have a mixed fleet of devices, old and new, from different manufacturers.
Organisations must identify, patch, update and replace vulnerable print devices on their networks and a good place to start is with a print security threat assessment. Such assessments are commonly offered under a managed print service (MPS) contract, and seek to uncover security vulnerabilities.
As both internal and external threats continue to evolve, a multi-layered approach to print security is essential to combat the security vulnerabilities that are inherent in today’s networked printers. Unless an organisation regularly tests its defences, it will be at risk of leaving a part of the print infrastructure exposed, enabling a skilled hacker to penetrate the network.
This most recent hack is certainly a warning about the risk of leaving network ports open on the internet. While no malicious intent was involved on this occasion, it is not to say that more sophisticated attacks that seek to access the network via a printer will not occur. Given the potential repercussions of any serious data breach, businesses need to take action to protect and secure their printers.
(8)
Article Link: http://digitalforensicsmagazine.com/blogs/?p=2614