The growing number of networked printers scattered like confetti across an organization periodically get the attention of IT staffs.
This is one of those times. The Register says that a new exploit, Cross Site Printing for Spamming, relies on the port printers use -- port 9100 -- that generally is open and lightly protected. If a hacker uncovers the printer's IP address, he or she can do a good deal of mischief, such as causing the printer to "spew out garbage," send out fax messages, reformat a printer's hard drive or download malicious code, the story says.
The response is fairly simple: IT departments should keep printers secure. The challenge is keeping up with this decidedly unglamorous part of the security task.
This eWeek slide show provides 20 tips on securing printers, many of which have applications elsewhere. The steps: Overwrite the hard drive when getting rid of the machine; overwrite data immediately after printing; print from memory to avoid the hard drive; and secure the printer with passwords, cards and biometrics. The slide show also suggests securing non-printing functions of the printer and being careful with e-mail and fax functions.
Printer viruses, an executive from NetVigilance is quoted as saying at ITWorld, are designed keep their anonymity by infecting other systems without weakening the host. In some cases, printers with hard drives have been hacked to hold illegal content. For this reason, it is important to properly delete data on printer hard drives before getting rid of the device. Security plans, the story says, should include information on printer safety.
Printer companies are taking note. Sharp has installed "change control" software from Solidcore Systems on its MX Seriers printers and multifunction peripherals running on Windows XP Embedded, according to Dark Reading. The software stops unauthorized code, prevents configuration changes and can serve as the basis for antivirus and other security software. Solidcore says that it is in discussions with other printer vendors.
Another vendor that is paying attention is HP. Last autumn, the company introduced Secure Print Advantage. The technology is designed to make sure that the authorized person gets printed materials and guards against malware, according to this PC Advisor story. The piece says that the system encrypts print documents and authenticates users. In other words, it does what security experts claim is necessary -- it raises printer security to the level generally accorded to other network elements. The system, the story says, uses smartcards, the Lightweight Directory Access Protocol (LDAP), the Advanced Encryption Standard (AES) and security protocols and standards others.
This piece at hdx3fd is a bit technical -- not surprising considering the name of the site -- and comes to the same conclusion as many others: Printers are not adequately secured. The writer proved this by testing with his own printer, which is a Brother. The machine was easily accessible from four access points and not protected by MAC filtering. It was easy to catch passwords, the writer says.
Just about all businesses, from enterprises to Mom and Pop shops, tend to have more printers than they need. This is unfortunate, since they are a latent threat with which security forces must grapple. If they don't, it only is a matter of time before the organizations for which they work pay a heavy price.