Tech News

Now we have to worry about our printers spying on us

Now we have to worry about our printers spying on us

Now we have to worry about our printers spying on us 2017 images

Yes, Your Printer Is Capable Of Spying On You

Every company dreams of a paperless office, but somehow, company policies dictate hardcopy documentation for various purposes, mostly legal. Ironically, the advancement of computer technology which is supposed to minimize paper use, instead increased our paper output. We’ve come to depend on our printers even more, and printers have evolved to become faster and more efficient in using up more paper. So we’re basically betrayed by technology wherein we end up using more paper when we’re not supposed to. But that’s just one way our printers betray us. With all the hacking news nowadays, we often forget that printers are connected to our networks too, and because sensitive data goes through them to be printed, they can a sweet target for hackers in order to snoop or steal data in their print queues.

A computer science grad student wrote a paper which closely studied how printers can be exploited by hackers. The following is part of the paper’s introduction.

“…The paperless office has been a dream for over three decades. However, the nowadays, printers are still one of the most essential devices for daily work and common internet users. If instead of getting rid of them, printers evolved from simple printing devices to complex network computer systems installed directly in company networks and carrying lots of confidential data in their print queues. This makes them an attractive attack target…”

The student and his associates evaluated several networked printers including ones from HP, Brother, and Kyocera and found several vulnerabilities that can be exploited. So, the computers of the target network may have their individual protections from attacks past the company firewall, but the printers don’t enjoy the same level of security.

Large network printers are basically computers in themselves with large memories and some measure of storage to keep their settings in. These printers are even hosts to their own websites so that users can configure them remotely. A researcher at Mackeeper even stated that printers can even act as hosts to malicious web pages or execute malicious executables and can do so on unprotected ports such as port 9100.

“Your office’s big HP printer probably has many gigs of internal storage space, and, if you don’t protect port 9100, you’re basically handing an anonymous FTP server to the hacker community… These printers are wonderful repositories. It doesn’t take much creativity to realize that even highly illegal materials could be stored this way… Even in sleep mode it will still host files. And who checks the contents of their printer’s hard drive? What are the odds of this hacker’s secret stash ever being discovered? Pretty low if you ask me.”

— Chris Vickery, Mackeeper researcher

HP is very much aware of security issues and have documented procedures that many IT setups often ignore. If the printer is running, connected and printing, that’s all she wrote… or printed.

“This scenario can be prevented by disabling the PJL/PS filesystem commands, directions for which can be found in the document, HP Printing Security Best Practices for HP LaserJet Enterprise Printers and HP Web Jetadmin. In addition, customers have the option of using the more secure protocol IPPS (Internet Print Protocol over HTTPS) instead of Port 9100…. Regardless of which printing protocols you use, managing printer configuration is an important step in protecting the print environment… The average printer has over 250 settings, including ports and protocols that could be a source of vulnerability. HP encourages customers to protect their printers by turning off any unused ports and protocols, providing tools to help with this including HP JetAdvantage Security Manager, which provides policy-based security management across a printer fleet, and WebJet Admin, a free tool that provides web-based configuration for HP printers.”

— HP Spokesperson

Fortunately, for companies in the market for new printers, HP’s new printers will include enhanced protection features such as firmware whitelisting, BIOS protection and runtime intrusion detection. For now, it’s best for executives with confidential emails to have their own small printers and let everyone else work on and even chat around the big ones. Smaller companies with networked printers need to invest in hardware firewalls and ensure the printer is behind one.

Tech News

Our technology expert who knows a thing or two about the future, superheroes and Supernatural.

More in Tech News

wikileaks loses spokesman leaving julian assange on his own 2017 images

Wikileaks loses spokesman leaving Julian Assange alone facing eviction

Jeffrey LangMarch 1, 2017
It’s the Year of the Underdogs, Nokia 3310 is Back 2017 images

It’s the Year of the Underdogs, Nokia 3310 is Back

Marius MaronillaMarch 1, 2017
samsung pushing galaxy tab s3 after phones get delayed 2017 images

Samsung pushing Galaxy Tab S3 after phones get delayed

Jeffrey LangFebruary 27, 2017
google goes after uber for self driving theft 2017 images

Google goes after Uber for self driving theft

Jeffrey LangFebruary 25, 2017
Robots that Replace Skilled Labor Should Pay Taxes 2017 images

Robots that Replace Skilled Labor Should Pay Taxes

Marius MaronillaFebruary 23, 2017
Top 10 hottest tech and game changing innovations 2017 images

Top 10 hottest tech and game changing innovations

Jeffrey LangFebruary 22, 2017
The Ultimate Spy Gadget Samsung Galaxy S3 2017 images

The Ultimate Spy Gadget: Samsung Galaxy S3

Marius MaronillaFebruary 20, 2017
yahoo warns on more hack attacks 2017 images

Yahoo warns users on more hack attacks

Jeffrey LangFebruary 16, 2017
From Russia with Love, Take Edward Snowden 2017 images

From Russia with Love, Take Edward Snowden

Marius MaronillaFebruary 16, 2017

Subscribe to our Daily Newsletter

You will only receive one per day. You'll also get a free THE WALKING DEAD graphic novel with your subscription