Printers & Music

As Organizations slowly welcome back their users to the office (RTO), others have embraced the remote, home life. Depending on your roles and responsibilities, your involvement with printing materials may have changed while working remotely for the past two years. 

Here is something to keep in mind that may get overlooked:

Make sure we’re still protecting the printers. 

Often, users don’t realize that the printer is an easy way for an attacker or cybercriminal to gain a stronger foothold onto an organization’s network.  
1. In 2018 “TheHackerGiraffe” attacked over 50,000 printers to print flyers to help promote the YouTube sensation PewDiePie. (https://lnkd.in/eeWm6-5t)
While many people might think this was just a harmless prank, it only targeted 50,000 out of the 800,000 exposed.
2. Several months ago, there were reports of POS printers being attacked in restaurants and printing up prank-style propaganda messages. (https://lnkd.in/eHAq_RVm) The attackers targeted a specific port that the printers utilize for communications to send the message across the internet. Interestingly, these POS machines were connected directly to the internet and were openly scanned and discovered. While the messages may be harmless, it demonstrates the minimal security protecting the devices on the organization’s network.
3. Recently hacktivists groups have targeted Russian military printers and gained access to send over 10,000 anti-war messages. (https://lnkd.in/e8iW77RG) While it’s not readily apparent how they gained access, most likely, they weren’t adequately secured or had exploitable open ports. 
So, whether it’s a hacktivist group, a script kiddie, or a nation-state, it’s important to remember some essential tips to protect printers and POS machines on our networks. 

Remember to protect your printers (PRAVMA)
Patched: Keep them up to date with their firmware and any printing software.
Remove: Avoid connecting the printers directly to the internet. Protect them behind a firewall. 
Avoid: leaving documents on the printer. Configure the printer where the user needs to log into the printer with a PIN to retrieve the documents.
Verify: Before returning printers, verify that all data on the internal hard drive is removed.
Monitor: Audit, review, and monitor all remote connections, including printing support companies. If possible, implement MFA for remote access to the printers.
Awareness: Include in the security awareness program about printing regarding any printed copies are correctly labeled to reduce the risk of exposing any confidential or unwanted information.

Leave a Reply

I’m James

Welcome to my corner of the interwebs where I share my thoughts, ideas and stories in the world of cybersecurity and making sure we all make smarter cybersecurity decisions everyday! Oh yeah, I also tell Dad Jokes from time to time.

Let’s connect

Discover more from Thanks for Stopping By!

Subscribe now to keep reading and get access to the full archive.

Continue reading