As printers become more sophisticated with more resources, the discovery of new security vulnerabilities is likely to increase, which makes printer security a new focus. Hackers know that IT teams do not always prioritize securing networked printers and consider them an attractive attack vector.
There are many well documented security exploits against networked printers and scanners. Examples include:
Denial of Service (DoS) attacks using malformed SNMP packets to crash printers Remote to installation of unauthorized printer firmware enabling printed documents to be sent to a hacker Printers with hidden URLs hardcoded in the firmware that can be accessed without authentication
The good news is leading manufacturers regularly patch their printers for security vulnerabilities as in this example of an HP LaserJet Security Bulletin.
Printer vulnerabilities can also be used as a jumping-off point to attack other network resources or in some cases to steal data stored in memory. The impact of confidential information being stolen or disclosed is very real and IT security teams need to take a proactive role to minimize this risk.
Recommendations for Printer Security
Use the Printer’s Built-in Security Functions: Printers come with a range of security settings. Start by changing the default password and take advantage of any built-in firewall features on the printer, like whitelisting and user authentication. Restrict or disable services such telnet or ftp running on printers if these are not needed. Lock the device control panel. Update printer firmware regularly or by default to close known security vulnerabilities.
Protect Your Printers: Ideally, printers should not use public IP addresses and should be behind your firewall to prevent access from untrusted networks.
Vulnerability Scanning: Scan printers to ensure firmware updates occur by default and that SNMP and FTP are disabled on printers. See steps using Qualys VM. We recommend you test printers before scanning large numbers as some printers don’t handle being scanned very well. This is usually due to low amount of cached memory being overloaded. Create a dynamic asset group to encapsulate your printers and only conduct a light scan or no scan at all.