How to secure your infrastructure’s weakest point
13 December 2016
3 min read
Paul McKiernan, HP Print Security Advisor, addressed an audience at The Telegraph Festival of Business 2016 to reveal how many companies are guilty of complacency with their printer security.
“Printers are the original ‘thing’ in the Internet of Things,” explains Paul. They have the same features, functionality and network connectivity as every other endpoint, including PCs. However, unlike other endpoints, printers aren’t afforded the same level of protection, despite being just as vulnerable to attack. 91% of people are concerned about PC security, 77% of people are concerned about mobile and server security alike, yet just 18% of people are concerned about printer security.
Check your network exposure with Shodan
Shodan is a search engine for the Internet of Things that enables users to find specific devices connected to the Internet. It helps security teams discover devices that are linked to their network to help them make a decision about whether to disconnect them or not - depending on the security risk they pose. It helps security teams stay aware of what is on their network.
Disconnect the devices you don’t need on the open network
“If you have a device on the open Internet with default passwords, you have an open door to your organisation, ” Paul explains. If the device found on Shodan is supposed to be on the network, it’s an acceptable risk. If it isn’t supposed to be on the network, disconnect it and shut that door to your network.
In March 2016, a hacker attacked almost 30,000 printers at college campuses across the United States to start printing out hate-filled leaflets. The hacker entered the network by finding open devices on Shodan.
Ensure no devices in your infrastructure have admin passwords
In October 2016 the US and Europe fell victim to a major DDoS attack, the largest of its kind in history, that brought down major sites including Twitter, Netflix and CNN. It came through CCTV cameras and the malware sought out any devices which were ethernet connected (including printers) that had default admin passwords. If you want to secure your infrastructure, you need to change your default passwords immediately.
It’s safer to keep devices wired
You can reduce the risks of vulnerability by keeping devices inside the blue zone of your internal network, as opposed to keeping them on wireless.
Researchers in Singapore recently demonstrated how easy it is for hackers to use a drone to break into networks in office skyscrapers through Wi-Fi printers. As part of their demonstration, the researchers were able to intercept and divert print jobs and send them to a mobile phone rather than the print device.
Invest in devices with in-built securityPaul McKiernan, HP Print Security Advisor
Today’s endpoints and devices are better prepared for cyberattacks. If your business is ready, invest in devices that can cope in the event of a breach. HP printers, for example, come with embedded intrusion detection software and self-healing technology that stops activity, wipes the memory and reboots the system in the event of suspicious activity. If it’s connected to the organisation’s security monitoring system, it will send an alert.
While businesses can never be fully protected from hackers, there are simple and effective ways for security teams to reduce the risks of attack. To optimise their protection levels, cyber defenders need to familiarise themselves their devices, monitor their network for new devices and accompanying passwords and keep up to date with the latest security technology to keep their IT infrastructure protected and prepared.
“Hacking is an ongoing game of chess where the rules are changing all the time. There are ethical hackers and unethical hackers. The unethical turn to cybercrime.” Paul McKiernan, HP Print Security Advisor