You’ve Secured Your Computer, but What About Your Business Printer?

You know all about the cybersecurity threats associated with your computer and know the importance of secure cloud storage for your business, but did you know your company printers are equally vulnerable? Business printers are an often overlooked security risk that can cause major business disruptions, financial losses, and data breaches. 

In 2020, cybersecurity experts from CyberNews hacked 28,000 business printers. Fortunately for those companies, it wasn’t a malicious attack. These ethical hackers were trying to raise awareness about printer security issues, and they only used their access to print a helpful guide called “How to Secure Your Printer.” 

Printers are a tempting target for hackers because they’re connected to the internet, store important information, and are rarely thought of as a security risk. Even a company that’s diligent about protecting work computers from viruses and hackers probably hasn’t given much consideration to securing the printers. (After all, it’s just a printer, right?) With no defense in sight, it’s an easy point of entry. Hackers can quickly gain control of your printer and then infiltrate your corporate network.  

How can a printer be hacked? 

The CyberNews team used specialized search engines to locate IP addresses with open ports. A port is essentially a communication channel that a computer or program uses to connect and transfer information. An open port is one that’s “listening” for connections and, if unsecured, can be used by hackers to gain access to the printer or computer.  

After searching for these open ports and confirming they were actual printers, CyberNews had a list of nearly 1 million vulnerable business printers. To keep the companies’ data private, they created a custom script that would only target the printer’s printing capabilities. An unscrupulous hacker could create a script that’s designed to do much worse.

In 2018, a hacker called TheHackerGiraffe also used an open port to hijack thousands of printers. TheHackerGiraffe forced them to print documents, though their chosen message was about subscribing to a YouTube channel called PewDiePie rather than a guide to securing printers. 

Despite these two “white hat” hackers revealing the extent to which business printers are vulnerable, not much has been done about it. In August 2020, TheHackerGiraffe tweeted, “About 2 years after the printer hacks, still not much has changed. The only way this will change is that if someone starts spam printing large amounts of unwanted ads or harmful content.”

What type of damage can be done with a hacked printer?

In an interview with The Verge confirming he or she was behind the PewDiePie printer hack, TheHackerGiraffe said, “People underestimate how easy a malicious hacker could have used a vulnerability like this to cause major havoc. Hackers could have stolen files, installed malware, caused physical damage to the printers and even used the printer as a foothold into the inner network.”

Let’s break down what each of those possibilities looks like.

Stealing files

Most modern business printers store copies of recently scanned or printed documents. Printing and scanning important documents are part of daily life in an office, so there’s likely to be a lot of sensitive data stored on your printer. These types of business files contain valuable information about your business and your employees. A hacker could easily exploit this data after gaining access to your printer.

Installing malware

Printers are rarely protected by antivirus or anti-malware programs. Hackers can install malware on them by pushing through an update that contains a virus or sending employees malicious (but legitimate looking) attachments from the printer. 

The goal here isn’t usually to simply infect the printer. The real targets are the devices connected to your printer and your corporate network. Once the hacker controls these, they have all the data they need to steal employee identities or intellectual property, launch ransomware attacks, and any number of other exploits.

Causing physical damage

Business printers are an expensive investment and are an integral part of a functioning office. If a hacker infiltrates your printer (or, even worse, a fleet of printers), they can “brick” it, rendering it useless. It’s a costly problem to fix and can wreak major havoc to your business operations. 

Accessing the inner network

A hijacked printer can serve as a path to connected devices and your computer network. This gives the hacker unrestricted access to your company’s confidential information (think: customer lists, credit card numbers, login credentials, employee social security numbers). They can also use this position to launch any number of attacks, from holding your business data ransom to taking down an entire network through a distributed denial of service (DDoS). 

How to protect your business printers

CyberNews created a detailed guide explaining how to protect your printer from hackers. We’ve broken down the main points below, and you can access the step-by-step guide here.

  1. Disable network printing.
  2. Secure printing ports 515, 721-731, and 9100. 
  3. Use a firewall to restrict access to network traffic.
  4. Update your printer firmware to the latest version. Firmware updates are often issued to patch security weaknesses, so it’s important to stay on top of them.
  5. Update your login credentials. Create a unique and complex password that’s at least 16 characters long.

Keep your business data secure

Technology is steadily becoming more complex and hackers more sophisticated. Protecting your business files and other data is an ongoing challenge, but it’s vital to your company’s success. After taking steps to secure your printers, be sure to evaluate the safety of your file storage and file-sharing methods. If they’re not up to snuff, we can help. Try Onehub’s secure cloud storage and file sharing free for 14 days