Beware of insecure networked printers

Even though the promise of a paperless workplace dates back to the 1970s, the printer still poses a serious security risk in today’s office.

The printer will continue to be a security nightmare for many years, even if Microsoft Corp. is successful in eliminating all third-party drivers from Windows. The attack surface is rich, and there are a lot of soft targets.

In 2020, a Windows print spooler problem called PrintDemon compromised many networks. Microsoft issued warnings about the PrintNightmare attacks in 2021. These exploits were followed by new problems with the Windows print spooler in 2022.

Those are some of the latest examples. Printer insecurities have been around almost since the PC was invented, and many of the problems stem from legacy code that has not changed much since then, which makes it attractive to hackers.

The problem with printers got a boost in the early 1990s with the first round of network print servers, when Hewlett-Packard Co. invented the first network print server, called JetDirect. It was a circuit card with an internal chip, available in Ethernet and Token Ring versions (remember them?).

The cards were designed to fit into the first monochrome LaserJet printers. Since the printer cost around $2,500, it was a good idea to share them. HP sold the first desktop printers several years before JetDirect. This was the first time they could easily be connected to a computer network.

Adrian Crenshaw wrote in 2003 that hackers soon began to enjoy the JetDirect card. That paper shows some quaint compromises, such as sending funny or profane messages to the printer’s LCD screen and other tricks. All of these were easy to accomplish, as many early networked printing devices came with no administrative password by default. This could be the beginning of internet of things insecurity.

The rise of web servers as the default management interface in a network has also contributed to the security issue with printers. Soon it would be hard to find a networked printer that didn’t come with its own web server to let the information technology department know when it ran low on supplies and to keep track of page counts. Hackers could easily reach these web servers and do damage, especially since IT was slow to upgrade printer firmware to fix security bugs.

In 2007, my colleague Deb Radcliff wrote about these issues in Computerworld. She actually used one of the printer exploits as a plot point in her 2022 cyber-infused novel “Breaking Backbones,” when one of the characters connects to a remote network through an unprotected printer.

It also didn’t help matters that security tools ignored printer log files when analyzing these problems. It took HP until around 2015 to come out with ultra-secure printers that protect against BIOS tampering and have other controls, such as built-in intrusion detection. HP’s ultra-secure printers may not be enough.

But blaming an actual networked printer is really just a sideshow. The real problem is with the drivers included with each operating system. Sentinel Labs reported that in mid-2021, millions of printers had been made vulnerable by bugs in HP printer drivers. The bug was created in 2005. HP was notified and the problem was resolved a few months later.

Researchers said that the problem was present in almost 400 different printers sold over the past few decades. One of the exploit’s curious characteristics is that the driver could be partially loaded and still compromise the endpoint PC, which made it a potential go-to resource for hackers.

But today’s IT environment has also created a new issue, namely working from home. A printer that uses a VPN connection could be easily connected to the corporate network. Organizations should track those remote printers and check their logs for any abnormal behavior.

We are now back at the paperless office. In the late 1970s, when I worked for a Washington, D.C., consulting firm, we were given a tour by a company called just that, located in the Watergate complex. Its gimmick, microfiche, was used because the best digital storage at the time was floppy drives that could hold only 360,000 bytes. The Post ran a feature about it, which was amusing in light of today’s technology.

Microfiche is no match for printed paper. We’re stuck with printers until then.
