Article By: Tyler Kairys (Senior Marketing Specialist • ComDoc, A Xerox Company)
Currently, one of my favorite shows to binge watch is USA Network’s cyber-thriller, Mr. Robot. Coming from a self-admitted “technophile,” the show can be surprisingly accurate, which is refreshing, given how the entertainment industry has historically treated how a “hacker” performs their craft. Throughout the course of the series, the fictional hacking group, “F Society”, uses real-world methods and toolkits like the Kali Linux distribution, Raspberry Pi builds, DDoS attacks, and even social engineering.
Recently (well, for me at least since I’m catching up) during an episode in Season 2, one of their hacks echoed something I remembered reading about back in 2011. The main characters uncover an exploit within the firmware of a group of UPS devices (Uninterruptible Power Supplies, or battery backups) that help maintain the climate control of the storage facility for millions of financial records. They learn that through this firmware loophole they are able to upload lines of malicious code that can trigger an actual explosion by overcharging the batteries inside the UPS hardware.
Crazy, right? Well, as soon as the plot began to unravel, I immediately recalled this study done in 2011 by researchers at Columbia University where they discovered a strikingly similar exploit (albeit much less sinister in intent) within certain HP networked printers allowing them complete control to the devices remotely. In one particular instance, they were able to demonstrate how they could continuously heat the printer’s fuser, causing a small electrical fire within the device and in some cases causing the paper to turn brown and smoke.
That, of course, bears this question:
Is anyone ever going to make your printers catch on fire remotely? Of course not. Keep in mind, those findings were done nearly a decade ago. All instances of those exploits and anything related have since been resolved, but it doesn’t change the fact that printers can be an extremely vulnerable component of any network if not treated properly.
In our reality at ComDoc, printers and copiers are at the center of our universe. It’s what we do and what we work with every day. However, outside of our doors, it’s very easy for networked printing devices to be overlooked. In some cases they’re considered disposable tools; one breaks, unbox another, and replace. While most organizations are always looking to improve printing efficiency, security is something that should never be an afterthought.
We could probably come with dozens of tips to help improve your printing security. For today, we’re going to look at the top five things that can be put into effect almost instantly to help improve and strengthen your security efforts.
1. Change your passwords
I know, it’s amazing I have to even mention this, but you would be flabbergasted to learn just how many organizations implement networked printers and never change the default administrator credentials. Sometimes it’s an easy oversight, especially with desktop printers and devices that are found in low output areas.
Keep in mind, default login information for any device can be found within seconds through a simple Google search. If someone with the wherewithal can access the administrator dashboard of your network printers they could potentially see and intercept the documents that are being printed.
For smaller organizations or an office without a lot of printers to manage, this task can be completed fairly quickly. For larger networks with hundreds of printers sprawled across dozens of locations, it could be quite a chore. If you already have a solid print management strategy in place, especially printer model standardization, you may be able to find a tool from the manufacturer that could complete this task as a batch process. For instance, Xerox offers their CentreWare Web application free of charge. This print management tool allows you to monitor and administer your printers and copiers in a manner similar to the group and user policies found in an Active Directory environment.
2. Keep your firmware updated
We live in an age where everything has firmware, the software that is written into a device’s hardware. Refrigerators, vacuum cleaners, automobiles… it seems like everything has firmware now – and of course, printers are no different. These essential updates can include anything from adding features onto your devices to applying security patches for protection against recently discovered exploits.
It’s good practice to make sure you implement a regular a schedule to check and keep your printer’s firmware up to date. Some makes and models are capable of doing this automatically, while others may require more manual intervention.
Here’s a helpful list of links that will take you to the service and support pages for the most popular printer and copier manufacturers. You can find firmware updates and more from these portals listed below:
3. Disable unwanted features and unused network ports
Printers and copiers are becoming a lot like cars in terms of features and add-ons. While it’s amazing to be able to connect your copier to cloud services like Google Drive, Dropbox, and Office 365, sometimes it’s better to use only what you absolutely need. Many devices allow you to turn off unwanted features and disable network ports that aren’t being used. Not only can this help with security by closing down unmonitored points of entry, in addition, it can also clean up the user interface and make it easier for users to navigate as only the desired functions will be visible to your teams.
Important tip: Be sure to consult your IT support team prior to disabling any network ports on your printing devices. They should be able to provide guidance on which ones need to remain open for printing and functions to operate as intended
4. Avoid using domain administrator level accounts in the device
The majority of modern printers and copiers have the ability to integrate with Active Directory and other network services. This can be to populate global address books through LDAP or to scan to a user’s predefined home directory. For most of these functions to operate, they require that the printing or scanning device has some sort of account tied to the network entered into their administrator dashboard. Ensure that whatever account you use has only the access that it needs; avoid using administrator-level accounts. If possible, create a separate user on your network for these devices with security policies and access rights configured with the absolute minimum to complete its functions.
5. Don’t forget about the stuff you print
Here we’ve been talking about how to secure printing devices to thwart unwanted remote access, but what about securing the actual files you’re organization is printing? How many times have you walked up to a printer only to find documents sitting there, sometimes files confidential in the matter?
Many printers, specifically multifunctional devices (copiers), allow for documents to be stored within the device only to be retrieved when the owner physically walks up and enters a password or PIN number. Most models refer to this as “Secure Printing” or “Locked Printing”. It’s typically a feature that can be set as a default and takes only a matter of minutes to configure. Secure Printing is an option that we find used heavily within Education (IEP printing), Healthcare (patient records/HIPAA), and the Legal industries, but it can be applied to almost any office or industry.
“…it’s very easy for networked printing devices to be overlooked. In some cases they’re considered disposable tools; one breaks, unbox another, and replace. While most organizations are always looking to improve printing efficiency, security is something that should never be an afterthought.”
Printer security is something that shouldn’t be taken lightly. Modern printers and copiers are as robust as ever and they’re going to continue to evolve as cloud services and mobile devices become more commonplace in the work environment. Preparing a proper network printing security strategy today will not only help your organization immediately, but it will prepare your team for the future. Also, choosing the right devices and vendor can make the process that much easier. ComDoc features Xerox copiers and printers powered by ConnectKey, the benchmark leader in innovation and security. Our experts can work with your team to develop a secure network printing strategy that will let your team focus on other tasks at hand.