Printers: The Overlooked Entryway Into Your Network
Computers, smartphones and tablets—we know these devices are susceptible to cyber attacks and, as a result, take incredible caution to lock them down and cordon them off from cyber criminals. But have you also considered that large device that whirs and flashes as it scans, copies and prints valuable internal information? Your printer is also a prime target for hackers.
Printers are connected to the network like any other endpoint device and can present even greater vulnerabilities. They have evolved since the advent of wireless networking, but the thinking around them has not. IT administrators don’t always see printers as full-fledged networked computers. In a recent survey of 309 IT decision-makers, only 23 percent of respondents said printer data protection was a cyber security priority.
Attackers know printers are vulnerable—and they find them to be increasingly attractive targets. Like any networked device, if not properly managed, printers can expose sensitive data to unauthorized access and misuse.
One of the first known instances of a mass printer attack happened in early 2016 when bad actors tapped into publicly accessible printers on college campuses across the United States. More than a dozen universities, including Princeton and Brown, found anti-Semitic and racist flyers lying in their trays.
Just last year, another incident sent messages to 150,000 printers to distribute warnings that the devices were exposed to the public. Thankfully, the hacker had altruistic intentions and meant the intrusion as a way to raise awareness of the vulnerability.
An agency may never know hackers are using printers as a foothold. Once inside, they have the road map of the rest of the IT environment, giving them the quiet ability to watch network activity and gather info from platform. If a bad actor used unprotected printers to target government networks, they could access troves of data, from personal information of citizens to highly classified information. Or they could use the devices to distribute misinformation, which could be particularly dangerous in a military or intelligence scenario.
Thankfully, there are ways to protect against these kinds of intrusions. Secure print solutions can address document security as well as data in-transit and endpoint devices on the network.
HP printers can detect, protect and automatically self-heal. When a problem is detected, the printers reboot into a secure mode so no damage can be done. For example, HP’s Sure Start feature checks operating code by validating the integrity of the Basic Input/Output System (BIOS) when powering up. If a compromised version is discovered, the device restarts using a safe “golden copy” of its BIOS. This way, problems are identified before they can cause damage to the network.
Beyond that, run-time intrusion detection helps protect printers while they are already on and connected to the network—the time when most attacks occur. This technology checks for anomalies during complex firmware and memory operations, automatically stops incidents and reboots. Since hackers frequently use malware, HP’s Connection Inspector automatically triggers a self-healing reboot if the tool notices an anomaly indicative of malware in the network’s outgoing connections.
This is all to say that printers don’t have to pose a threat. Protecting data isn’t hard if printers are locked down in the same way as other end point devices. Cyber attacks are rapidly evolving. Don’t provide an easy entry point by leaving printers online and unsecured.
For more information on how HP’s secure print capabilities can protect your agency, contact us.