Can a Printer Be Hacked?

23rd August 2021

When working with any kind of technology to process private information, you always have to be prepared for the potential ways that hackers and other malicious third parties may try to infiltrate your system and gain access to your data. You’ve probably considered the security of the computers, phones, and tablets used in your daily activities, and taken measures to prevent breaches of sensitive information on these internet-connected devices. But, have you ever considered the security of your printers and copiers?

In short, yes, printers and other multifunction devices can be hacked through numerous vulnerabilities in their systems that malicious third parties are able to exploit. Read on to learn more about the ways in which hackers can gain access to your printer system, followed by some tips on how to increase the security of your printing and copying processes.

What Harm Can Hackers Do Via Your Printer System?

Printers are an often overlooked element of an organisation’s security infrastructure and are extremely vulnerable to breaches without the right preventative measures. It can be easy to forget about this aspect of security when putting preventative measures into place, as conventionally we tend not to consider a printer at the same level of technology as a computer. But with advances in printer technology over the years, the majority of modern printers are able to connect to the internet and are therefore susceptible to being hacked by external third parties. Hackers are aware of this common security gap, and have been known to take advantage of it in order to exploit organisations’ printers for their malicious intent.

Some of the threats that an unsecured printer system can pose to your security include:

  • Stolen data: Hackers can steal sensitive data temporarily stored in the printer system, which they can then use to carry out a ransomware attack, or sell on to other third parties.
  • Botnet attacks: Hackers may connect your devices to a ‘botnet’, which is the name given to a network of infected devices controlled by one individual attacking party used for malicious purposes. They can then steal your data and use your devices to carry out other cyber attacks.
  • Device malfunctioning: Some hackers infiltrate printer networks purely to cause havoc, gaining control over hacked printers just to command them to print strange files or shut off randomly, among other nuisances.
  • Device bricking: Hackers are able to ‘brick’ your devices after hacking them; in other words, they essentially render your printer completely and irreversibly useless.

How Can You Tell if a Printer Has Been Hacked?

You may not realise that your printer has been hacked until it’s too late, but there are a couple of signs to look out for that can help you to stop a security breach in its tracks before any major damage has been done.

 Look out for: 

  • Unauthorised printing jobs: If your device starts to print out random or unknown documents that haven’t been authorised or queued by any of your organisation’s users, there’s a chance that your printer system has been hacked.
  • Error messages: if your device has started to show error messages or prints out error messages instead of printing out actual documents, this is a sign that your printer system has been corrupted.

When you notice any of these signs, take immediate action by shutting off your printer system completely and contacting your in-house IT department, or seeking the help of a third-party IT service provider if you don’t have an in-house team.

What Puts Printer Systems at Risk of Security Breaches?

Old Printer and Copier Devices

Older printer and photocopier devices are less secure than up-to-date models. This is because the connection between the computer and the devices is less secure, meaning that hackers have less of a hard time infiltrating your system and stealing any information that is sent over your network.

Not only are hackers able to do so remotely, but they’re also able to do this by physically visiting your working location and plugging a pen drive loaded with malware into one of your devices. The hard drives on printer and copier devices are unsecured, so the malware is able to infect the first device, and then goes on to infect every other device in the whole network. It’s an unlikely but very possible scenario, and can even pose a threat to newer devices if they have been enabled to allow you to access documents stored on printers and copiers from your computer. Remember to check that this feature is disabled when setting up your printers and copiers to prevent breaches through this vulnerability.

Personal Printer and Copier Devices

Smaller sized personal printers and copiers typically used in manager’s offices, particularly the older models, have a significantly higher number of potential security risks compared to larger models. As these smaller devices were designed to be used in the home, manufacturers tend to make security less of a priority when building them.

For example, many copier devices designed for home use come with a “print from anywhere” feature which enables the user to print documents to the machine even when they aren’t in the office. While this feature is useful, it isn’t secure, as it has to create a gap in the computer’s firewall to enable the user to communicate with it remotely. This gap in the firewall is left open to hackers who can take advantage of it in order to gain access to the copier. This gives the hacker full access to anything that the copier has scanned, the files and documents stored on the computer, and they can then go on to access the entire computer network associated with the device. Turn off this feature if you’re using a personal printer.

In addition to this, personal copiers often have a default setting that allows users to open folders on computers within their network to access files scanned from the copier to the hard drive. This setting enables the user to write and remove information stored in the device from any computer on the same network, and is backed up by minimal to no security. It’s a good idea to turn this feature off too if you’re working with a personal copier.

Remote Support Features

Some printer and copier devices come with a remote support feature that enables the dealer or manufacturer to remotely access the device without your consent which poses an obvious security threat. Even when these remote support tools are used with your consent, the two-way communication channel creates gaps in the network. Hackers take advantage of these gaps created by the support feature and use them to access documents that have been printed or scanned, or to infiltrate the whole network. If your devices have this feature, either disable it or find the option to have one-way outbound support.

Tips for Better Printer Security

Upgrade to Up-to-Date Devices

Newer printer and copier models have a host of security features to protect your documents and network. This includes features such as Transport Layer Security (TLS) which encrypts files that have been scanned and sent to an email address, and updated versions of Server Message Block (SMB) which securely scans documents straight to a folder instead of an email address.

Scan Network to Identify Security Gaps

Hackers abuse software known as ‘scanning tools’ which they can use to scan their victims’ networks and find security gaps that they can potentially exploit, which are often found in printer and copier devices.

When scanning your network, hackers are looking for open ports. These open ports provide the hackers with a pathway to directly access the printer or copier’s hard drive, allowing them to view all the information stored on it. Hackers are also able to use open ports to infiltrate the whole network of computers linked to the device. The best way to combat this problem is to use the same software that the hackers use, and scan your whole network to find and fix any gaps in security from open printer and copier ports before they do.

Other Tips for Best Practices

  • Enable data encryption kits
  • Update printer and copier software regularly
  • Use a VPN to connect printers and copiers to the network
  • Turn off printers and copiers when not in use