Analysis

Preying on your weaknesses

Just like wolves, hackers are looking for the weakest, most vulnerable prey.

Cybercriminals and hackers don't often strike where security is strong. They're always looking for a weakness - a technical flaw, a poorly thought-out process, thoughtless behaviour that can be exploited to access your systems and do what they want. They may not want or need to attack your perimeter or make a direct assault upon your servers, when there is other, easier prey in easy view. While you're busy securing your PCs, infrastructure and mobile devices, they have your printers in their sights.

Advertisement - Article continues below

Why? It helps that printers are almost ubiquitous in business. Most offices will have a number sitting somewhere, often in central locations almost anyone in the building can access. Printers are often on a slow upgrade cycle. IT teams that wouldn't think about fielding a laptop for more than three years will happily run a laser printer for six to eight years and even more.

Most of all, printers are a great target. They have grown much more sophisticated, becoming powerful client devices with their own processing power, memory and storage, upgradable firmware and programmable functions. They process, route and store valuable data, including print jobs and user credentials, not to mention scanned documents in the case of multi-function devices. 

Advertisement
Advertisement - Article continues below

They're accessible, too, connecting to wired and wireless networks and even the Internet for remote printing services. They can be attacked locally through the control panel or via the USB connection, but also remotely through a direct route, a malware-infected print job or cross-site scripts embedded in a website. All it takes is one employee to download and print an attachment or click a link. 

Advertisement - Article continues below

Still, what's the worst that can happen? After all, the most notorious printer hacks of recent years have focused on takeovers of internet-connected printers, forcing them to churn out hate speech flyers or, as in the Stackoverflowin attack in February this year, pages of ASCII art. Is this really the kind of stuff that wrecks a business?

Not on its own, but these hacks only demonstrate one way of exploiting printer vulnerabilities. They could be used to build a botnet or launch Denial of Service attacks. Malicious firmware could be installed and used to manipulate print jobs, overlaying or replacing the real content with false or sensitive material. Backdoors could be added to capture print jobs and user credentials to be sent and viewed elsewhere, or as a means to get into the network and attack other systems from there. A compromised printer could become the initial foothold for a wider attack.

Advertisement - Article continues below

Too few enterprises take this seriously. A March 2017 Spiceworks report found that only 16% of the businesses surveyed regarded printers as a high risk for a security breach. Only 18% monitored their printers for threats. 43% of the companies surveyed ignored printers in their endpoint security practices. It's estimated that only 2% of business printers in the world are secure, yet research from IDC suggested that 35% of recent security breaches are related to print security deficiencies. 

Strengthening printer security

Printers don't have to be your weakness. In fact, there are some steps any enterprise can take, whatever their size and whatever the make-up of their printer fleet. Some holes can be mended just by changing the standard admin usernames and passwords or by shutting down the network ports, protocols and services that many manufacturers leave open by default. HP includes the former step during the initial printer setup and takes the more secure approach to services and ports.

Advertisement
Advertisement - Article continues below
Advertisement - Article continues below

Meanwhile, make sure you're taking advantage of security features built into or supported by your printers. They could have authentication or encryption tools, protecting print jobs while in transit or at rest. They may work with management tools, to ensure that their activities are properly logged and monitored, or that all printers match corporate policies and secure configurations. Educate users on print security risks as well, so that they're aware that printing files downloaded from the internet may not be a great idea, and what the consequences of doing so could be.

Device-level security

Still, when attackers can be so persistent and so wily, even good security practices may not be enough. That's why HP has invested years of research and millions of dollars into device-level printer security, into technologies that protect the printer at the lowest, sub-BIOS layer, stopping hackers like the Wolf in their tracks.

Secure Booting: On Enterprise printers, HP protects the BIOS the set of boot instructions used to launch the fundamental hardware components and initiate the firmware with HP SureStart technology that validates the integrity of the BIOS every time the printer boots and, if a hacked version is discovered, restarts it using a properly-validated safe version. On HP Pro printing devices, HP Secure boot technology performs the same checks, but places the device in a limited functionality recovery mode until a genuine HP BIOS can be reinstalled. 

Advertisement - Article continues below

Secure Firmware: HP also protects the firmware the software that controls the printer's functions by checking what's installed against a whitelist that ensures only known good, unaltered HP code is loaded into memory. If any variant is discovered, the device reboots to a secure recovery state until a valid update can be installed, with notification via a control panel message or a notice to the IT team. 

Run-time protection: HP run-time intrusion detection protects HP Enterprise devices while they're in operation and connected to the network, checking for intrusions or attempts to run malicious code in memory and rebooting automatically if anything is found. On HP Pro printers and MFPs all run-time code memory is write-protected and all data memory defined as non-executable, preventing malicious code from running effectively.

Security Management: HP JetAdvantage Security Manager can automatically assess whether devices comply with company security settings and policies, then take steps to remediate any issues without the need for direct intervention. New devices become compliant within minutes of being connected and powered-up. Administrators can be notified of any issues using existing Security Information and Event Management (SIEM) tools.

Advertisement - Article continues below

Together, these powerful security features ensure that even a successful attacker can't get a foothold on your printer, and that attempts are recognised and neutralised with the ill effects fixed rapidly. By taking printer security to a whole new level, HP business printers stop the wolves of this world getting their jaws around your network and your assets.

Don't let the Wolf prey on your business.

Featured Resources

Successful digital transformations are future ready - now

Research findings identify key ingredients to complete your transformation journey

Download now

Cyber security for accountants

3 ways to protect yourself and your clients online

Download now

The future of database administrators in the era of the autonomous database

Autonomous databases are here. So who needs database administrators anymore?

Download now

The IT expert’s guide to AI and content management

Your guide to the biggest opportunities for IT teams when it comes to AI and content management

Download now
Advertisement
Advertisement

Recommended

Visit/security/vulnerability/355276/businesses-brace-for-second-fujiwhara-effect-of-2020-as-patch-tuesday
vulnerability

Businesses brace for second 'Fujiwhara effect' of 2020 as Patch Tuesday looms

9 Apr 2020
Visit/security/cyber-security/355267/zoom-hires-ex-facebook-cso-to-boost-platform-security
cyber security

Zoom hires ex-Facebook CSO Alex Stamos to boost platform security

8 Apr 2020
Visit/security/vulnerability/355236/hp-support-assistant-flaws-leave-windows-devices-open-to-attack
vulnerability

HP Support Assistant flaws leave Windows devices open to attack

6 Apr 2020
Visit/security/cyber-security/355234/safari-bug-let-hackers-access-cameras-on-iphones-and-macs
cyber security

Safari bug let hackers access cameras on iPhones and Macs

6 Apr 2020

Most Popular

Visit/mobile/mobile-phones/355239/microsofts-patent-design-reveals-a-mobile-device-with-a-third-screen
Mobile Phones

Microsoft patents a mobile device with a third screen

6 Apr 2020
Visit/software/video-conferencing/355257/taiwan-first-country-to-ban-zoom-amid-security-concerns
video conferencing

Taiwan becomes first country to ban Zoom amid security concerns

8 Apr 2020
Visit/security/cyber-security/355271/microsoft-gobbles-up-corpcom-domain-to-keep-it-from-hackers
cyber security

Microsoft gobbles up corp.com domain to keep it from hackers

8 Apr 2020