4 Ways to Improve Your Printer Security
The hacking of potentially thousands of printers by a well-meaning yet disruptive hacker known as “Stackoverflowin” has prompted many businesses and individuals to review their network security. In this article, we examine some of the best ways to ensure that your printer is safe from being attacked in a similar way and show how printers can potentially leave your entire network vulnerable.
Ensure You Have a Watertight Firewall
The firewalls on many home routers can sometimes be turned off by default, or set to “ISP-level” protection, which leaves connected devices wide open to the internet. This is useful when hosting, for example, a game server, but can prove disastrous in other situations.
If your router has a built-in firewall, check on your router settings page to see what level of protection is enabled, and make sure that ports 9100 is not open to the internet. This port is used for raw PJL (Printer Job Language) connections to the printer. These can be useful for local administrative tasks such as firmware updates but if left facing the internet, can leave hackers able to execute code remotely on your printer, and potentially gain access to confidential documents, or even your entire network.
Also, check that port 515 is blocked off, as this port is used by the LPD (Line Printer Daemon), which allows computers to send documents to your printer. Leaving this port accessible from the internet, in effect, means that anyone could use your printer in the same way that you do – potentially wasting ink by printing many pages.
Invest in a Secure Printing System
Many companies that have to print off credit card details or trade secrets have decided to invest in printers which have enhanced security. The “secure print” feature, found on many commercial printers such as the Xerox WorkCentre product line, allows users to set a PIN on their computer, which then has to be entered in order for the document to print.
High-security workplaces such as defense contractors might benefit from the use of technology which requires the person printing to be present in front of the printer. This is especially useful in shared office space, where other companies or even competitors might share printers. It can also ensure that no employee picks up documents for which they do not have the required security clearance.
Check Your Settings
Some printers come with potentially harmful ports wide open. For example, the Printer Job Language (PJL) service, which we previously closed off to internet access, could still be used by someone on the network to replace the firmware.
The issue is that the service fails to authenticate users and as such cannot detect whether the requests are genuine. To the printer, a genuine firmware upgrade is often indiscernible from a potentially malicious upgrade, which could be used to open further vulnerabilities in your network. In the past, PJL has even been used to extract passwords from printers, which if shared with other systems, could be fatal.
Keep Your Firmware Up-To-Date
Printers with out-of-date firmware often have unpatched vulnerabilities. Indeed, a lot of out-of-date firmware stores passwords in plaintext, and some have been shown to suffer from vulnerabilities that could be used to shoehorn into your entire network. Your printer manufacturer should provide instructions for updating firmware on their website.
It can appear overwhelming that such a seemingly device could be such a major security burden, but with some these simple steps, you can ensure that your printer, and your entire network, is safe from intrusion.