In today’s technologically advanced world, most personal and corporate printers do more than just print documents. They are IoT devices that are capable of much more. But, with these capabilities, come more risks and vulnerabilities. Being connected to the network, and almost every other device on the network, makes printers the perfect entry point for bad actors due to their public accessibility.
IoT printers are vulnerable to hardware attacks – specifically, network implants. These malicious devices sit on the Physical Layer, going undetected by existing security solutions. This can cause a number of perilous consequences which can seriously harm an organization.
Printers are seemingly innocuous devices, which makes them even more harmful since cybersecurity is not as seriously applied to these devices. Due to their apparently harmless nature, they are not typically on the radar of corporate cybersecurity teams. According to a survey by Spiceworks, only 16% of IT industry respondents think that printers are at high risk of a security breach. Furthermore, 43% of surveyed companies ignore printers in their endpoint security approach.
Every organization will have multiple printers at the office and are therefore an appealing target for malicious actors. Printers are often a target in cyberattacks on banks, but all organizations are at risk.
Most printers have internal storage where they stow print jobs, scans, copies, and faxes. An attacker targeting a printer can recover these documents and use them to harm the organization, or even sell them on the darkweb for a considerable amount. This data breach can have serious consequences for the victim, including hefty legal fines and a damaged reputation.
An attacker might set out to change the settings on a printer to reroute print jobs in order to obtain confidential information. Changed settings can also allow the perpetrator to open saved copies of documents. Additionally, the settings can be reset to the default settings which wipes any changes made by the organization, including security changes. By altering the settings of the printer, an attacker can cause a crippling data breach.
Another way in which a data breach can be caused is whereby the attacker eavesdrops and/or captures documents sent from the computer to the printer. By sitting on the network, an implant can gain access to the network printer traffic and obtain potentially sensitive information.
By accessing a network-connected printer, the attacker can move laterally across the network to other unsecured devices. This can allow the perpetrator to cause more damage than if they were to just target the printer. If sensitive data is not found on the printer, by infiltrating the network the attacker might discover confidential information elsewhere and the printer simply serves as an access point.
An attacker might target a printer to incorporate it into a botnet in order to carry out a DDoS attack, causing the printer to stop working.
Through an attack, a perpetrator can install malware on the printer to control it remotely or gain access to it. This can subsequently result in a data breach or further network infiltration.
Evidently, printers should be a major cause for cybersecurity concern since they are often one of the weakest links of an organization. So, what you print is not just what you get; you might be giving an attacker their next pay check.