May 18 2020

Secure a Networked Printer Before It Can Be Breached

Malicious actors can use a networked printer as a jumping-off point to the rest of an agency’s information.

Networked printers are a largely unnoticed weakness in agency cybersecurity — they were part of the notoriously insecure Internet of Things even before the term was in widespread use.

These devices record sensitive information to print and typically keep it on internal storage for extended periods of time. As many networked printers offer additional capabilities, such as scanning or copying paper documents and transferring that information to removable media, network shares and emails, the risks become even greater. 

Attackers who compromise a networked printer could insert themselves into everything the printer does, viewing its inputs and outputs, then stealing, destroying or altering them. Attackers may also target printers because printer security is often ignored, so they can avoid detection by using the printer as a jumping-off point to compromise other devices in the agency. 

Remote attacks — connecting to the printer from the internet — are more than possible, as are attacks through physical access. Those range from the basic, such as stealing printouts or making copies of them, to the more technical, including connecting a flash drive containing malware to the printer and infecting the printer to access all the old print jobs stored there.

These best practices can be implemented by any agency to improve the security of its networked printers. While these practices are generally applicable, supported security features do vary among printer manufacturers and models. Be sure to consult the documentation for each printer or ask the manufacturer for more information on the printer’s security risks and controls.

Follow NIST Printer Guidelines as a Starting Point 

First, use NIST guidance as a starting point for planning printer security. NIST Internal Report 8023, Risk Management for Replication Devices, explains in detail how an agency can manage risk for networked printers during all phases of the system development lifecycle. 

The document includes questions to ask when planning acquisitions, security functionality to look for, and actions to take when deploying printers. It also provides mappings to the corresponding NIST Special Publication (SP) 800-53 controls. 

IR 8023’s appendices include a risk assessment questionnaire table and flowchart to help agencies determine if a printer is considered low, moderate or high risk. The document was published in 2015, however, so agencies should supplement its guidance with recent information on printer security from additional sources.

Be sure to take advantage of the latest and most sophisticated security features. Agencies should also consider requiring them for new printer acquisitions. Examples of these features include a Trusted Platform Module that facilitates secure boot; this helps ensure that the printer only executes authorized firmware.

Application whitelisting can prevent malware and other unauthorized executables from running. In addition, printers should include auto-erase functionality that securely wipes cached data from printer storage as soon as it is no longer needed, plus a sanitization feature that completely wipes all internal storage media before the printer is decommissioned.

Prevent the physical theft of unattended print jobs by including an option to have the printer “hold” a print job until the recipient is actually present at the printer and enters a PIN or other form of authentication to start the job.

Also use strong encryption for all network communications to and from the printer to prevent eavesdropping on sensitive data, and include the printer in agency continuous monitoring implementations so that security issues and compromises are detected quickly.

Update Printers Regularly to Increase Protection

Finally, harden each printer to reduce its attack surface. Printers should be made as secure as all the other devices on the agency’s networks, and hardening is critical for accomplishing that. Change all default passwords and make sure all accounts require authentication.

In addition, keep printer firmware up-to-date with patches and upgrades. Make sure that the integrity and authenticity of all updates are verified, such as by having the printer check digital signatures on patches before installing them.

Disable any printer functions, services, network ports, protocols and other capabilities that aren’t needed. Also use network-based controls, such as firewalls and routers, to limit direct access to the printer, particularly from the internet.
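
One way to check the "disable what isn't needed" step across a fleet is to compare the services each printer actually answers on with the set approved for it. The script below is an added example, not part of the original article; the port list reflects common printer services, and the inventory addresses and approved sets are constructed placeholders.

```python
import socket

# Common TCP services found on networked printers (assumed list, adjust per model).
PRINTER_PORTS = {
    21: "FTP",
    23: "Telnet",
    80: "HTTP admin",
    443: "HTTPS admin",
    515: "LPD",
    631: "IPP",
    9100: "raw/JetDirect",
}

def tcp_open(host, port, timeout=1.0):
    """Return True if a TCP connection to host:port succeeds."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return True
    except OSError:
        return False

def audit_printer(host, approved, ports=PRINTER_PORTS, probe=tcp_open):
    """List (port, service) pairs that answer but are not approved for this printer."""
    findings = []
    for port, name in sorted(ports.items()):
        if probe(host, port) and port not in approved:
            findings.append((port, name))
    return findings

def audit_fleet(inventory, ports=PRINTER_PORTS, probe=tcp_open):
    """inventory maps host -> set of approved ports; return only hosts with findings."""
    report = {}
    for host, approved in inventory.items():
        findings = audit_printer(host, approved, ports, probe)
        if findings:
            report[host] = findings
    return report

if __name__ == "__main__":
    # Constructed inventory: RFC 5737 documentation addresses, hypothetical policy.
    inventory = {"192.0.2.10": {443, 631}, "192.0.2.11": {443}}
    for host, findings in audit_fleet(inventory).items():
        for port, name in findings:
            print(f"{host}: disable or firewall {name} (tcp/{port})")
```

Run it from the management network against printers the agency owns; each finding is a service to turn off on the device or block at the firewall.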

Hardening printers, along with using the security features they support, can be highly effective at reducing the likelihood of networked printer compromise.

Sometimes the older the printer, the safer it is. Why?

  • It doesn’t store information.
  • It can’t be networked.

Conduct a risk assessment anyway.

  • There might be a vulnerability you don’t recognize.
  • It might be cheaper to replace those printers instead of upgrading them.