Security vulnerabilities in printing devices

Australian businesses continue to witness the devastating impact of cyberbreaches and the consequences of cybercriminals infiltrating networks. Although it’s predominantly the attacks and breaches to large enterprises that have been widely publicised, small and medium-sized businesses (SMBs) face just as much danger from these threats. Per the ACSC’s cybercrime report, the average cost of a cyberbreach for small businesses was over $39,000, for medium businesses $88,000 and for large businesses over $62,000 in the past year.

To shore up defences and vulnerabilities, businesses will likely start with the technology, applications and devices they use to operate. However, an often overlooked yet vitally important piece of technology equipment to consider when implementing security protocols is the office printer and the vulnerabilities that make this device easier to infiltrate than other devices.

“Businesses should be looking to ensure that every device and technology being used in the business is secure, with defence protocols in place to mitigate the chance of a breach. Office printers may seem harmless enough at first consideration. However, when businesses really dig into the possibilities and areas for a potential breach, printing devices are just as critical as any other device in a workplace to secure,” said Ted Garner, Chief Strategy Officer, Konica Minolta.

We have identified three main security vulnerabilities with printing devices:

1. Document theft

There are two different ways that document theft can occur: physical and digital. Physical document theft is where printed documents are stolen off a printer. Unfortunately, in an environment where printers are easily accessible or reachable by non-business personnel, this can occur quite easily. One way to avoid this is to move printers into an area that only staff can access; however, this can be challenging to do for some organisations, especially if they lack the necessary office real estate. Another option is to implement user authentication requirements so employees must be present at the printer and need to use a form of identification, be it a card to scan or even unique code, to print a document.

Digital document theft can occur when cybercriminals intercept documents that are in transit from a device to a printer over an unsecured network. Many printers used today connect to the internet, which creates a vulnerability for the criminal to exploit the printers’ open network ports and capture data. From January to November 2022, over 10,000 remote access scams have been reported, resulting in almost $20 million of lost money. To mitigate this, businesses should consider what security features the printer has and ensure that it includes elements such as password encryption, data cleansing and virus scanning for optimal protection.

2. Network and data breaches

Printers with an unsecured network leave the whole organisation and its devices open to the risk of a security breach. Cybercriminals only need to infiltrate the unsecured network to gain access to the internal business network infrastructure and internal hard drives in the copier or printer to spy on activities and access confidential information. Once the criminal accesses device hard drives, they then have all the data from every incoming and outgoing document, including those that have been printed, scanned, copied or faxed, at their fingertips. Adversaries can then use this data to exploit the business and hold sensitive information to ransom.

Businesses can protect themselves by setting up authentication controls, limiting access privileges to printers and even using a self-encrypting storage drive, which can act as a security safeguard and protect all data stored on the devices from unauthorised access.

3. Denial of service (DoS)

DoS attacks are designed by cybercriminals to shut down a machine or network. Adversaries that breach unsecured office printers can cause major disruptions to the business by causing system overloads and printer malfunctions. These activities include sending an abundance of printing jobs to a targeted server, exhausting resources like paper, ink and toner supply, and essentially overloading the server with traffic. Although it may seem like the lesser of evils compared with the consequences of a data breach or stolen documents, DoS attacks still cost businesses through downtime, replenishing resources and printer maintenance. To reduce these types of attacks from occurring, businesses should regularly change passwords and update device firmware frequently.

“Complacency about security in today’s threat environment cannot be understated. Every organisation, enterprise and SMB owes it to customers, stakeholders, employees, investors and the business to identify and address security threats. Often overlooked, printing devices need to be considered when securing devices as these can have just as dire consequences as other devices if exploited,” Garner said.

Image credit: iStock.com/skynesher