Working remotely was growing more common even before the coronavirus pandemic accelerated the trend. As workers increasingly settle into their home offices, they still need access to company networks and office hardware — particularly printers. In fact, the pandemic led to a spike in the sale of home office printers, according to Deloitte.
This scenario poses a challenge for IT personnel who are working to secure increasingly decentralized networks in today's hybrid work reality. More specifically, it highlights the challenge of protecting traditionally unforeseen targets — printers — against intrusion and compromise. That's of increasing importance: According to Quocirca's 2019 "Global Print Security" report, 59% of businesses in the UK, US, and Europe have experienced a print-related breach in the past year.
IT decision makers are waking up to this reality — 83% of respondents to another Quocirca survey say their IT departments are at least somewhat concerned about the security of information printed on home printers. But whether in an office, at home, or anywhere else, the risks go beyond device and document security. The rise of the Internet of Things (IoT) means today's printers can contain several potential entry points to networks and sensitive data — a threat for which large enterprises and small businesses operating remotely must prepare for.
The Nature of Printer Attacks
Previous generations of printers were equipped with read-only memory, making them less vulnerable to hacking or reprogramming. But modern printers have entire operating systems and writable memory, not to mention the convenience of downloadable apps and online firmware updates. These improvements make blending our physical and digital lives easier and more accessible than ever. They also create potential access points where hackers can insert malicious code to gain access to a network and its sensitive data.
Printing systems can experience straightforward interruption-of-service attacks as hackers exploit old firmware versions to take over and halt the operation of a device. But they can also be subjected to more sophisticated exploitation, such as man-in-the-middle attacks that expose sensitive confidential data. Hackers can also leverage exposed Internet Printing Protocol (IPP) ports to gain access to the network. According to ZDNet, 80,000 printers — nearly an eighth of all IPP-capable printers — are exposing their IPP ports online on a daily basis. That's a profound issue for the countless enterprises around the world transforming at an astounding pace right now.
Making Printing Safer
Printer vulnerability doesn't have to be inevitable. In fact, there are multiple ways to help secure printing systems against malicious interference by third parties:
- Supply chain security: By creating a fully secure supply chain from start to finish, manufacturers can reduce the opportunities for malicious code or third-party elements to be installed in the system before the printer even goes online. Customer verification, digital tracking, and tamper-proof, multilayer packaging all play a part in minimizing vulnerabilities.
- Hardware security: Printers can be designed with internal resources to enhance security, including multiple layers of protection that help detect and remediate attacks. Firmware plays a key role in this part of security architecture, making it essential to protect the firmware's original code from tampering within the supply chain.
- Secure cartridges: Chips with built-in security and proprietary firmware can help protect against third-party interference at the point where information is transferred from the chip to the printer. Smart-card technology plays a key role in protecting against this vulnerability, helping resist tampering and hacking and reducing the risk of backdoor attacks. A maliciously programmed chip, on the other hand, could stop a printer from working or even create new vulnerabilities.
- Proactive testing and improvements: Any firmware is only as good as its code. Manufacturers must proactively test the security of their printers and cartridges to ensure they can withstand malicious attacks. Bug bounty programs are one way to do this; for example, HP is collaborating with Bugcrowd to hire professional ethical hackers to help uncover potential risks in printers and cartridges for an end-to-end security testing approach.
- Firmware upgrades: Printers, like most other IoT devices, should always deploy the most current firmware updates. Firmware updates not only deliver the latest features and functionalities, but they also fix bugs and provide protection against the latest cybersecurity vulnerabilities.
Awareness Is Key
The cybersecurity landscape is immense, and it's far too easy to ignore the critical role printers play in an organization's or an individual's security. Recognizing that risk and making it a priority is the first step in managing and mitigating these threats. IT personnel are becoming increasingly aware of this issue, but it is essential to take steps now to mitigate these risks given that the rise in home offices and decentralized workforces is increasing the potential for malicious interference.
Make no mistake: IT departments are engaged in an arms race against ever more complicated external attacks. Manufacturers need to build cyber-resilient devices and solutions that can protect, detect, and recover from these attacks.