In all of the discourse surrounding cyber security, there are a few standouts. These include the perennials, such as password security and user access control, as well as exciting new upstarts, such as blockchain technology and Advanced Persistent Threats (APTs). These are all well and good, and raising awareness around them is of course welcomed. However, it can be easy to overlook the elements of your workplace that may still pose a threat, but which are perhaps less ‘sexy’, or just a bit weird. Note that an attack exploiting a given vulnerability being unlikely is not the same as it not being worth considering, and will be of little consolation to those who nonetheless fall victim.
Today, we shall look at how something as innocuous as the office printer can be exploited. Yes, printers—those noisy, clunky, unreliable things that every office worker dreams of one day taking to a field and kicking to bits a la Office Space. How could an attacker possibly use your printer against you?
It’s precisely this sort of complacency that makes printers a risk. For a low-tech attacker, consider where a printer may be located within a business. Somewhere secure? Or, more likely, somewhere public, easily accessible to all. Whilst that might be more convenient, it means that all someone has to do is print something sensitive and get distracted before they can go pick it up to grant an attacker in the building a window to swipe it.
At printers, like all tech., grow more and more advanced as time goes by. Now, many printers offer network access. When this access is insufficiently protected, and is accidentally exposed to the wider Internet rather than just the company intranet, you end up with something like a recent situation in which a prankster caused some 50,000 printers around the world to print out notices in support of a popular YouTube star. The attacker later claimed that they had discovered 800,000 vulnerable printers, and had just attacked the first 50,000 out of convenience. Rather less amusingly, a similar attack in 2016 lead to the printing of anti-Jewish messages across a number of US universities.
Now, businesses are having to face a new form of printer-based threat. As modern printers are incorporated into the Internet of Things, the attack surface of businesses that use them is increasing. ‘Consequently, businesses must take a proactive approach to print security as these print devices can provide an open door to corporate networks’, write Quocirca in a recent report. The report also noted that ‘59% [of businesses] report[ed] a print-related data loss in the past year’ and that ‘11% of all security incidents are print related, equating to an average of nine print-related incidents per year’.
Kaspersky have a number of suggestions for improving printer security here, such as disabling printer Internet access and closing certain vulnerable ports, as well as general advice such as changing default login credentials. You may view your office printer as simple, often frustrating and ‘dumb’, but do not underestimate the risk posed by an insecure printer.