Translate this page:

Where are your Secrets being Kept? Printer Risks/Vulnerabilities

06/03/2021 9:46 AM | Scott Merritt (Administrator)

Where are your Secrets being Kept?

Printer Risks/Vulnerabilities

Article by the Cyber Security Committee

Office printers/scanners/fax machines (hereinafter “printers”) are a treasure trove of sensitive data. Because they often come with a web-based interface or an internet connection, they have a huge attack surface, making them easy to hack.

How are printers vulnerable?

  • Open External Ports (USB, memory cards, etc.)
  • Wi-Fi, Bluetooth and other wireless connections
  • Printers have a memory – all items printed, scanned and copied are stored in memory on hard drive of printer

What do hackers want with printer access?

  • Access to Non-Public Personal Information and other sensitive information
  • Backdoor access to network – printers can become a “hot spot” for others to use your internet access which could compromise your data and slow the speed of your Wi-Fi

What are common methods of attack?

  • Criminal sending an image of a file to a company’s printer with Trojan malicious code, which can allow them to capture the content of all images that are printed
  • Criminal will change printer configuration to re-route print jobs to outside the company
  • Criminal will attack through Wi-Fi by getting the printer to connect to a malicious network and then execute/install harmful code

Steps/suggestions to protect your printers:

  • Change the password access to printer regularly
  • Consider having all employees have their own long, unique passwords
  • Change the printer’s name
  • Change the printer’s Wi-Fi password
  • Regular updating with security patches and software
  • Regularly update and upgrade your printer for latest in security features 
  • Consider disabling USB port on the printer
  • Turn off all application options that come pre-configured with your printer
  • Turn on dual 2-factor authentication, if available
  • Turn off “notifications” for proactive maintenance being sent to suppliers (any messaging going outside your company is taking a risk)
  • Configure network settings so that the printer can only answer commands that come from specified ports on your network router
  • Use a firewall on your printer
  • Enable the hard disk setting to encrypt/set to overwrite
  • Consider turning off all Wi-Fi or Bluetooth options
  • Awareness is key - Recognizing the risk that printers have and making it a priority is crucial in managing and mitigating these threats

 Special considerations to protect your printers AT HOME:

  • Shred all sensitive information that you print at home office prior to throwing it away
  • Update your driver when prompted 
  • If you get rid of a home printer, destroy the hard drive or change the printer settings to make sure that the hard drive is not storing any information
  • If using Wi-Fi – make sure you have a secure connection using VPN - Consider hard wiring if possible
  • Disable Internet Printing Protocol (IPP) printing and enable Secure IPP printing instead
  • Make sure your wireless security is WPA2 or stronger
  • Change setting and redirect to https
  • Set encryption strength to high

Florida Land Title Association is a 501(c)6 not-for-profit organization.

Copyright © 2013-2021. All Rights Reserved.

Mailing Address:
Florida Land Title Association
P.O. Box 66145
St. Pete Beach, FL 33736

Powered by Wild Apricot Membership Software