Feb 15 2023

Don’t Forget Printer Security When Fortifying Your Network

Even printer supplies can leave your network open to cyberattacks. Fortunately, manufacturers such as HP have made securing printers a top priority.

Despite the publicity given to ransomware attacks and other data breaches that have occurred at higher education institutions, those attacks succeeded at the same pace in 2022 as they had in previous years. According to a study by Emsisoft, 44 ransomware attacks at colleges and universities were publicly reported in 2022, roughly the same number as every year since 2019.

The attacks tend to be initiated by someone clicking a link in an email from an unknown source, but once the code gets behind an institution’s firewalls — or the firewalls of employees who are working from home — any poorly secured devices are vulnerable.

Successful cyberattacks can pack a financial hit if a ransom payment is made, but they can be even more costly in terms of the downtime that follows an attack when IT teams attempt to recover stolen data.

The security experts at HP Printer Supplies figured out 20 years ago that their printers were not immune to attack either, especially behind poorly fortified firewalls.

“We definitely all know that network firewalls are porous. And there’s multiple ways to get in; for example, email phishing attacks that are becoming ever more sophisticated,” says Shivaun Albright, HP’s chief technologist for printing security.

HP has made a concerted effort to ensure its printer hardware is hardened against possible attacks. Hardware and software inside the printer, according to Albright, are designed to detect the common methods malware uses to take over devices.

“We’re looking at outgoing packets to see if the device has potentially been breached in some way by a hacker, and then we can reboot the device,” she says.

Albright also describes a routine HP calls intrusion runtime detection.

“The printer is scanning memory for any anomalies because the signature of the code has changed. Then we go through a reboot,” she says.

Fighting Network Vulnerabilities Created by Third-Party Toner

HP soon realized that when they integrated microprocessors into their ink and toner cartridges, which report supply levels and page counts to drivers and management software, they had introduced another possible entry point for attackers. Around 2005, they made sure that the chips could not be modified.

“We recognized right away that when you put a microprocessor on a cartridge and insert that into the device, it needs to be locked down,” says Steve Daniels, HP’s marketing manager for security.

Authentic HP ink and toner cartridges contain read-only memory that can’t be overwritten. But the same can’t be said of the microchips on third-party cartridges, which are designed to be reprogrammed in the field.

Albright likens this vulnerability to finding a random USB memory stick in a parking lot — you don’t know what’s on that interface or how it interacts with a device.

“Let’s say there’s unexpected input coming from the cartridge microprocessor to the printer, and if those interfaces haven’t been tested well enough, you have what we call a buffer overflow in the printer’s memory, which could allow potential hackers to inject code into the printer.”

That code can read the data that’s being sent to the printer, but it can also use the printer as a base to move its malicious code to other devices on the network.

Keeping Higher Ed IT Managers Informed About Printer Security

Despite all the ways that companies like HP build security protections into devices and supplies, users and IT managers make up a third part of the security equation. They need to be kept up to date on how devices can be protected through firmware upgrades and the use of authentic HP supplies.

“We provide a lot of security protection because we believe it’s worth it; it provides assurance to our customers that an electronic device — in this case, a print cartridge — has been thoroughly vetted,” says Daniels.

One way that HP tries to make customers aware of these issues is through its Bug Bounty program, in which white-hat hackers are paid to discover vulnerabilities in HP’s cartridge chips. When IT managers are informed that the company is working toward sealing off those vulnerabilities, Albright and Daniels say, they leave the third-party supplies behind.

“Once people understand that, there’s no question they’re willing to pay the extra money for authentic HP supplies,” says Daniels. “I haven’t met an IT manager yet who believes spending less on a cartridge is worth the risk.”
