How Hackers Target Printers Best Practices for Office or Home Printer Security

Printers aren’t always considered in a company’s cybersecurity strategy, despite their presence in every office (and often home offices for all of us who are working remotely). Yet, all manner of sensitive information passes across them every day. That creates a weak point in your cybersecurity strategy. If you want to know how to secure the printers on your network, and keep them from being hacked or the entry point for a virus, this post is for you. Read on to learn about protecting your printers to protect your devices and data.

Printers: The Overlooked Backdoor to Your Network

• Did you think about how your printer is effectively a computer? Most people don’t – except hackers. You might be skeptical about fancy new IoT devices, but printers are a ubiquitous internet-connected device. Modern digital printers contain firmware, processors, hard drives, and an internet connection. That’s everything they need to become a security risk in your organization.
• In 2017, a teen hacker wrote a program that hit 150,000 internet-connected printers around the world, including restaurant point-of-sale receipt printers. That same year, printers at several universities, including Stanford, Vanderbilt, and the University of California Berkeley were targeted in a similar exploit.
• We often overlook printers as a potential entry to our networks because we don’t interact with them directly. Instead, our computers do when we hit “print” at our workstations. In most cases, users don’t think twice about printing invoices, proprietary product designs, customer data, or other sensitive materials.
• However, what many don’t realize is that network connection between our printer and computer runs both ways. In addition to malware that can steal jobs that pass through the printer, hackers also frequently use printers for lateral attacks. In other words, they hack the printer to access your computer, because it’s less likely to have as robust defenses as your computer does.

5 Best Practices to Avoid Printer Security Breach

1. Deploy Stricter User Access Controls

Not every employee needs access to printers. Likewise, printers don’t need access to the network 24/7. You can adjust both employee permissions and printing preferences to limit exposure. You can also set your printer to shut down during off-hours, reducing the amount of time it is online.

2. Keep Your Printer’s Software Updated

Printers often have firmware that helps them function, but they might also have an antivirus or malware software built into them as well. Consult your device’s manual to get a sense of what your printer possesses and what needs upkeep. You also want to know if your printer has security patches or regular updates that should get installed, since outdated software is often a top cause leading to data breaches.

3. Don’t Allow the Printer to Store Its Print History

Many printers like MFPs come helpfully equipped with settings that allow users to store print histories or other sensitive information. While that improves speed and performance, it also makes it easy for hackers to swipe if they access the printer.

4. Require User Passcodes for Shared Printers

In an office setting, you will need to think about physical security too. You don’t want someone to print sensitive documents from across the office, which they forget about or the wrong person grabs from the printer. Printers that hold documents and require users to enter unique passcodes to “release” their documents to the printer can help prevent sensitive documents from getting forgotten, taken by the wrong user, or thrown out.

5. Use Printer Tracking and Monitoring

Print tracking software lets you monitor all of the printing activity that occurs in your organization. By seeing who is printing what, when, and where, you’ll be able to better monitor the movement of sensitive information in your organization and spot suspicious activity before it has the chance to harm your business.

Back Blogs