About 14,000 printers across the country were hacked and started spewing hideously racist, antisemitic fliers encouraging students to join a white supremacist organization on March 17th. It could have been easily avoided with exceptionally basic cyber security measures, but it wasn’t. Whether through ignorance or laziness, these 14,000 printers were left publicly accessible on the network, meaning anyone with some networking knowledge could print to them.
Printer security is something that a huge number of people overlook, and it’s a serious issue. This situation isn’t the first, and considering the growing Internet of Things trend, it isn’t going to be the last. Offices are being hacked and having financial data stolen through compromised USB drives and now students are finding themselves being recruited to join racist groups by their own printers.
It’s an issue that shouldn’t happen, but it does. So how do you avoid it?
When someone plugs an internet-enabled printer into their network, they might not even know it’s open to the world to print to. One of the main ways people gain unauthorized access to networks is through getting people to let them in; USB drives are a popular one, for example. A dedicated, blanket hardware firewall is the obvious solution to such vulnerability. All devices are routed through it first, which means any outside access is immediately blocked. But these are expensive—specially for small businesses.
Nearly universally, routers come with built in firewalls. While these aren’t perfect devices, they are far better than no protection at all. By activating a firewall and setting up its rules, you can actively mitigate threats like these. The common port for printers—and what the hacker exploited in the above scenario—is port 9100. TTIG checks all your network enabled devices and blocks all their ports unless you’re actively using them through the cloud. If your router doesn’t contain a built in firewall, or if your business or internet provider doesn’t allow the use of one, there is an option of purchasing one.
Finally, many network enabled devices simply allow you to set user names and passwords. Or, if you want to be more advanced, many even allow you to set MAC address white lists that only allow certain devices through. This is an option for those of you who do like to use the network capabilities, but don’t want outsiders getting access and causing havok.
With the right equipment and knowledge, you’ll lower the possibilities of a cyber attack or hack in your office network.