Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.


11:00 AM
Connect Directly
E-Mail vvv

Printers' Cybersecurity Threats Too Often Ignored

Remote workforce heightens the need to protect printing systems against intrusion and compromise.

Working remotely was growing more common even before the coronavirus pandemic accelerated the trend. As workers increasingly settle into their home offices, they still need access to company networks and office hardware — particularly printers. In fact, the pandemic led to a spike in the sale of home office printers, according to Deloitte.

This scenario poses a challenge for IT personnel who are working to secure increasingly decentralized networks in today's hybrid work reality. More specifically, it highlights the challenge of protecting traditionally unforeseen targets — printers — against intrusion and compromise. That's of increasing importance: According to Quocirca's 2019 "Global Print Security" report, 59% of businesses in the UK, US, and Europe have experienced a print-related breach in the past year.

Related Content:

More Printers Could Mean Security Problems for Home-Bound Workers

The Changing Face of Threat Intelligence

New on The Edge: ISP Security: Do We Expect Too Much?

IT decision makers are waking up to this reality — 83% of respondents to another Quocirca survey say their IT departments are at least somewhat concerned about the security of information printed on home printers. But whether in an office, at home, or anywhere else, the risks go beyond device and document security. The rise of the Internet of Things (IoT) means today's printers can contain several potential entry points to networks and sensitive data — a threat for which large enterprises and small businesses operating remotely must prepare for.

The Nature of Printer Attacks
Previous generations of printers were equipped with read-only memory, making them less vulnerable to hacking or reprogramming. But modern printers have entire operating systems and writable memory, not to mention the convenience of downloadable apps and online firmware updates. These improvements make blending our physical and digital lives easier and more accessible than ever. They also create potential access points where hackers can insert malicious code to gain access to a network and its sensitive data.

Printing systems can experience straightforward interruption-of-service attacks as hackers exploit old firmware versions to take over and halt the operation of a device. But they can also be subjected to more sophisticated exploitation, such as man-in-the-middle attacks that expose sensitive confidential data. Hackers can also leverage exposed Internet Printing Protocol (IPP) ports to gain access to the network. According to ZDNet, 80,000 printers — nearly an eighth of all IPP-capable printers — are exposing their IPP ports online on a daily basis. That's a profound issue for the countless enterprises around the world transforming at an astounding pace right now.

Making Printing Safer
Printer vulnerability doesn't have to be inevitable. In fact, there are multiple ways to help secure printing systems against malicious interference by third parties: 

  1. Supply chain security: By creating a fully secure supply chain from start to finish, manufacturers can reduce the opportunities for malicious code or third-party elements to be installed in the system before the printer even goes online. Customer verification, digital tracking, and tamper-proof, multilayer packaging all play a part in minimizing vulnerabilities.

  2. Hardware security: Printers can be designed with internal resources to enhance security, including multiple layers of protection that help detect and remediate attacks. Firmware plays a key role in this part of security architecture, making it essential to protect the firmware's original code from tampering within the supply chain.

  3. Secure cartridges: Chips with built-in security and proprietary firmware can help protect against third-party interference at the point where information is transferred from the chip to the printer. Smart-card technology plays a key role in protecting against this vulnerability, helping resist tampering and hacking and reducing the risk of backdoor attacks. A maliciously programmed chip, on the other hand, could stop a printer from working or even create new vulnerabilities.

  4. Proactive testing and improvements: Any firmware is only as good as its code. Manufacturers must proactively test the security of their printers and cartridges to ensure they can withstand malicious attacks. Bug bounty programs are one way to do this; for example, HP is collaborating with Bugcrowd to hire professional ethical hackers to help uncover potential risks in printers and cartridges for an end-to-end security testing approach.

  5. Firmware upgrades: Printers, like most other IoT devices, should always deploy the most current firmware updates. Firmware updates not only deliver the latest features and functionalities, but they also fix bugs and provide protection against the latest cybersecurity vulnerabilities. 

Awareness Is Key
The cybersecurity landscape is immense, and it's far too easy to ignore the critical role printers play in an organization's or an individual's security. Recognizing that risk and making it a priority is the first step in managing and mitigating these threats. IT personnel are becoming increasingly aware of this issue, but it is essential to take steps now to mitigate these risks given that the rise in home offices and decentralized workforces is increasing the potential for malicious interference.

Make no mistake: IT departments are engaged in an arms race against ever more complicated external attacks. Manufacturers need to build cyber-resilient devices and solutions that can protect, detect, and recover from these attacks.

Shivaun Albright is HP's Chief Technologist of Print Security who is responsible for the company's enterprise print technical security strategy. She has over 10 years of cybersecurity experience and four years of experience as standards committee chair, in which she oversees ... View Full Bio

Recommended Reading:

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
PUBLISHED: 2021-06-22
Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the "Title" parameter in the component "/coreframe/app/guestbook/myissue.php".
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.