April 19, 2022
When most people think about cybersecurity, they tend to think about every device that's connected to the internet except for one: the office printer. It's a common blind spot and one that hackers have been exploiting in the last few years. Although a Dutch TV channel grabbed a few headlines in 2012 announcing printer vulnerability, perhaps the most notorious early printer security incident was in 2018, when hackers forced 50,000 printers to produce unauthorized documents urging readers to subscribe to PewDiePie's YouTube channel.
It was funny to a lot of reporters around the world, but cybersecurity experts weren't laughing. After all, if your printers are vulnerable to hackers, eventually someone's going to hunt for bigger game instead of simply creating a modern marketing stunt. As it turns out, it didn't take long. According to Quocirca, over 60% of organizations reported at least one print-related data breach in 2020.
Common Printer Vulnerabilities
Just like any other networked device, today's printers have more in common with your laptop than they do with some of their early ancestors. They use software to operate and are an open port into your entire organization's network. Unfortunately, because they're not seen as the sophisticated pieces of equipment they are, some organizations fail to protect their printers like they would other smart devices. Outdated software, default passwords and more make printers the weakest link in most organizations' cybersecurity.
Forcing printers to print unauthorized documents is one thing, but if hackers succeed in installing malware on your networked printer, they can also access sensitive data, launch denial-of-service (DoS) attacks, and read documents stored on your printers' hard drive.
How To Secure Your Business Printers
Just like with your computer and your smartphone, a few simple steps go a long way towards cybersecurity.
Reduce the Number of Networked Printers
Printers that aren't connected to the network aren't vulnerable to outside hackers. If some printers in your office can be used offline, it's one simple way to reduce your risk.
Change the Default Password
When you set up your printers, did you change the default password? If not, do this now. The steps vary depending on your printer, but you can find easy instructions for how to do this online. It will probably take you less than five minutes.
Keep Firmware Updated
You don't have to deal with cybersecurity threats alone. Printer manufacturers regularly send out updates to firmware as new threats emerge. Again, the steps to update your printer's firmware will vary depending on your printer. But if you're using Microsoft Windows, restart your device often so any automatic updates will be applied quickly, and you can also update your device within Device Manager.
Use Encryption
Your data is vulnerable when it's on its way from your computer to a networked printer. If you print sensitive employee or customer information, you should use encryption. And if your device has a hard drive, make sure that it is encrypted as well.
Wipe the Hard Drive When Retiring a Printer
Many newer devices can do this automatically, but you'll probably have to do this manually for an older machine. And in case you were wondering, if your office printer is over seven years old, it's probably time to retire it. It simply doesn't have the cybersecurity features you need to safeguard your data, and it's probably causing you other headaches as well.
Purchase Secure Printers
Modern printers are better equipped to protect your network and your sensitive data. HP printers tend to lead the pack in printer security, and many models can automatically detect, stop, and recover from attacks with a self-healing reboot, in alignment with NIST guidelines for device cyber resiliency.
While an office printer is an investment, if a new printer prevents even one cybersecurity incident, it will have been worth it. Furthermore, if your organization is regulated by HIPAA, failure to upgrade printer security is a common compliance issue.
Fortunately, there are ways to save money and upgrade printer security at the same time, and our printing experts can offer custom recommendations to help your office do exactly that. And obviously, the best time to invest is before you get hacked, not after.
