Could This Printer Security Fail Happen to You?
In early 2017, 160,000 printers all around the world were hacked by a network printer vigilante who took a light-hearted approach to exposing a serious printer security flaw.
The hacker, who called himself Stackoverflowin, had written a script to seek out printers with unprotected internet connections and attack them by printing warning pages that encouraged their owners to improve printer security.
He was creative with the printed pages. Some featured transformer-like robots, while others showed a hacked computer, all made out of keyboard symbols, like giant emojis.
The prints included the vital request to “close this port,” in other words, secure your printers, because they’re vulnerable to a cyber-attack.
Imagine walking up to your printer on an unsuspecting Tuesday and finding one of these images face down on your printer tray. What would you think? How would the IT professionals who work with your printers react? The demand for printer security within an organization would probably rise after a breach like this.
The intent of this widespread printer breach, thankfully, was not malicious. The attack was meant to be a warning. The hacker wasn’t trying to steal any valuable business information or client data, but he was trying to prove that many printers are unmanaged and therefore a network security risk to organizations that may not know any better.
60% of organizations reported one or more print-related data breaches in 2017
This hack could have happened to anyone, anywhere in the world, as long as their printers were unsecured. The 160,000 printers hacked that day were from a spectrum of different printer manufacturers, including Brother, Canon, Epson, HP, Konica Minolta and Samsung. The reality is any printer that is connected to the internet needs to be secured. If it’s not, then it’s vulnerable.
When we talk about a printer being unsecured, that could be as simple as not having replaced the default username and password on it with something unique to your organization. This is a simple-to-fix security measure, which unfortunately not everyone practices. We recently picked up some old printers from a client and found out they still had the default security code enabled. It’s no wonder that 75% of organizations say they’re not completely confident that their internet-connected printers would be safe from a cyber-attack.
Printers are a weak point on many networks. Quiocerca released a study in July of 2017 that listed IT security as a top priority for many organizations. Even so, 60% of organizations reported one or more data breaches involving their printers in the previous 12 months.
How hackers attack a networked printer
The printer attack from Stackoverflowin was an example of a robot-network attack, or botnet, which occurs when internet-connected devices crawl networks for IT security weaknesses and perform widespread data security breaches. This can lead to cyber-attacks, spam, data breaches, malware and other IT security concerns.
The printer hack highlighted an important conversation many organizations still need to have about office printer security, and it plays into the Internet of Things (IoT) security discussion as well, where as we obtain more and more smart devices at work and at home, we need to make sure they’re protected from outside threats. This is vital in all smart devices (i.e. internet-connected) from baby monitors, to thermostats, to refrigerators, to networked printers.
Printer security is an overlooked network security risk
What would happen if the network that got hacked is also used to process credit cards or store medical records? Suddenly, valuable customer data is jeopardized without an organization’s knowledge, all because of unsecured printers. In the months following the attack, have those affected organizations had time or the ability to heed the advice of the botnet print hacker and implement the necessary printer protections?
Protecting valuable data is just one reason why we emphasize the importance of securing your printers.
The Stackoverflowin attack is a cautionary tale for individuals and organizations with internet-connected printers that are left unsecured. It’s an example I use to advise current and prospective clients to secure their printers and in turn protect their overall network. I use it as an anecdote because it shows the risks of the attack and proves a printer breach can happen to anyone.
Read Next: Four Essential Steps to Secure Your Printers
JT is Loffler's Director of Managed Print Services and the resident baker; he treats everyone to his home-made goodies on Fridays!