Are you still covering printers in your Security Risk Assessment? Networked printers for years have left gaping holes in home and office network security. Today, experts continue to find flaws in popular laser printers, which are putting businesses at risk.
Experts at the University Alliance Ruhr recently announced vulnerabilities in laser printers from manufacturers including Dell, HP, Lexmark, Samsung, Brother, and Konica. The flaws could permit print documents to be captured, allow buffer overflow exploits, disclose passwords, or cause printer damage. It is estimated that up to 60,000 currently deployed printers could be vulnerable.
When unprotected, printers expose users to several types of attacks.
Hackers can use vulnerabilities to capture old printer logs, which may contain sensitive information.
Hackers establish their foothold in a networked device and move laterally throughout the organization to gather data.
With networked printers under their control, a cybercriminal may use one company's bandwidth to perform DDoS attacks on other organizations and individuals around the world.
Printers have been around far longer than most Internet of Things products. Why is their security still a problem?
Lack of awareness
Ownership is another factor. Printers are shared devices, and it's often unclear who should control the security of each device.
Vendors do not support patches on older devices and aren't liable when devices are not secure.
Implementing intrusion detection solutions is difficult on printers because most have proprietary operating systems.
Users with printers running proprietary operating systems can't rely on third parties to develop custom anti-virus solutions. Print manufacturers need to build their own.
Part of the challenge is helping businesses figure out how to translate PC security into printer security.
Right now the easiest vectors include web hacking and email attacks, but hackers will move to the Internet of Things as computers and operating systems get more secure. Printers are low-hanging fruit and easier to target.
What can you do?
Check manufacturers' websites to see if patches are available for your printer(s)
Isolate your printers on local networks (separate from PCs)
Periodically update passwords so sensitive content isn’t left in the open for people to steal
Install intrusion detection for your printers
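The first three checks above can be run against a printer inventory during a risk assessment. The script below is an added example, not part of the original article; the device names, addresses, dates and the 180-day and 90-day thresholds are constructed assumptions.

```python
import ipaddress
from datetime import date

# Constructed sample data for illustration; not taken from any real network.
PC_NETWORKS = ["10.10.1.0/24", "10.10.2.0/24"]
PRINTERS = [
    {"name": "prn-lobby", "ip": "10.10.1.200",
     "password_changed": date(2015, 3, 1), "patch_checked": date(2016, 1, 10)},
    {"name": "prn-hr", "ip": "10.10.50.12",
     "password_changed": date(2017, 1, 5), "patch_checked": None},
    {"name": "prn-finance", "ip": "10.10.50.13",
     "password_changed": date(2017, 2, 1), "patch_checked": date(2017, 2, 20)},
]

def audit_printers(printers, pc_networks, today,
                   max_password_age_days=180, max_patch_check_days=90):
    """Return {printer name: [findings]} for printers that fail a check.

    Both thresholds are assumed policy values; the article only says
    "periodically".
    """
    pc_nets = [ipaddress.ip_network(n) for n in pc_networks]
    report = {}
    for p in printers:
        findings = []
        addr = ipaddress.ip_address(p["ip"])
        # Isolation: the printer's address must not fall inside any PC subnet.
        shared = [str(n) for n in pc_nets if addr in n]
        if shared:
            findings.append("not isolated: shares " + ", ".join(shared) + " with PCs")
        # Password rotation: a missing date counts as never changed.
        changed = p.get("password_changed")
        if changed is None or (today - changed).days > max_password_age_days:
            findings.append("password rotation overdue")
        # Patch review: a missing date counts as never checked.
        checked = p.get("patch_checked")
        if checked is None or (today - checked).days > max_patch_check_days:
            findings.append("vendor patch check overdue")
        if findings:
            report[p["name"]] = findings
    return report

if __name__ == "__main__":
    results = audit_printers(PRINTERS, PC_NETWORKS, date(2017, 3, 1))
    for name, findings in results.items():
        print(name, "->", "; ".join(findings))
```

Printers that pass every check are left out of the report, so an empty result means the inventory meets the assumed policy.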
Read full article: http://www.darkreading.com/endpoint/why-printers-still-pose-a-security-threat/d/d-id/1328316
Read more: https://isc.sans.edu/forums/diary/Multiple+vulnerabilities+discovered+in+popular+printer+models/22023/