logo

The Cybersecurity Issue with Unmanaged Printers

Delphine Wilson| August 29, 2019

Like a car thief walking through a neighborhood late at night, cybercriminals look for open doors first.

For a cybercriminal, an open door is any unsecured device that’s connected to the internet. In many organizations, that turns out to be a printer. 

In fact, of all cybersecurity incidents, 11 percent are print-related. And more than half (59%) of these incidents lead to data losses which cost (in total) about $347,000 per year.

Easy Targets: Hackers Love Old Printers

The strength of any chain depends on its weakest link. In the case of the cybersecurity chain, the weakest link is often an outdated, forgotten printer. In fact, a hacker who goes by the name of Stackoverflowin exposed this vulnerability when he hacked 150,000 printers, most of which were receipt and office printers. 

The scary thing is, all the hacker had to do was run a search for printers connected to the internet without basic security controls. 

Fancy Bear, a Russian hacking group, employed a similar strategy when they attacked an office printer, a VOIP phone, and a video decoder to gain access to corporate networks, according to Microsoft. Once the hackers were inside, they targeted other insecure devices to go after valuable targets.

Why Does This Happen?

The reality of why and how cyberattacks happen is a lot less exciting than popular portrayals in movies and shows would have you believe. The Russian hacking group mentioned earlier exploited unchanged default passwords, a vulnerability that could’ve been avoided by simply changing a password. 

Similarly, the hacker Stackoverflowin successfully infiltrated thousands of networks by targeting unsecured printers without basic security features.

Often, these issues are easily preventable with some fairly simple, affordable solutions. In a webcast with an HP Print Security Advisor named Lindsey Hearst, we learned about 10 of the biggest print security risks, all of which are avoidable. Among others, these risks include: 

  1. Lack of printer management
  2. Loose user permissions
  3. Improperly configured printers and copiers
  4. Outdated (6+ months) firmware 
  5. Unsecured output trays

What You Can Do to Stop It

According to Quocirca’s 2019 Print Security Landscape, 62 percent of organizations use managed print services (MPS) to “gain access to print management and security skills which are often lacking in-house.”

Among the companies that were most capable of ensuring the security of their print environment, an even greater portion (76 percent) use MPS. For organizations that can’t or don’t want to dedicate the time and resources needed for a robust in-house print security management team, MPS is a great way to secure the print environment.

Assess Your Print Security

If you’re looking for a quick, easy way to assess your print network security, consider scheduling a Security Manager Quick Assess with ARC. This assessment checks the security settings of your devices that HP’s print security team deems “essential.” 

To learn more about this assessment, or printer security in general, download the on-demand webcast on print network security.

 

Bitnami