The printer humming in the corner may be one of the easiest ways into your network. Most security plans cover phishing, malware, and weak passwords. The shared office printer rarely makes the list, and attackers know it.
Hackers like printers more than you would think. In 2020, Cybernews ran what it called the Printer Hack Experiment. It compromised 56% of 50,000 printers and made them print a page about printer security. That is roughly 28,000 devices, taken over because nobody treated the printer as a computer worth protecting.
What a printer hands an attacker
A printer touches payroll documents, contracts, and client records all day. That makes it a target. Here is what an attacker gets once they are in.
- Your stored files. Every print, scan, and copy can leave a digital copy behind. Many printers have a built-in hard drive holding years of documents: payroll, contracts, employee records. An attacker can pull or reprint those files without you ever knowing.
- An easy login. Most printers ship with a default admin login like admin/admin or 123456. Plenty of offices never change it, which hands control straight over.
- A door into the network. Printers sit on your WiFi and your company network. A compromised one becomes a foothold for installing malware or ransomware and for reaching other devices.
- Print jobs in transit. If print jobs are not encrypted, an attacker can grab a document before it reaches the printer. Contracts, legal paperwork, and medical records all travel that path.
- A way to watch you. Many printers have storage and scan-to-email built in. Take over the device and you can reach scanned documents, emails, and stored files remotely.
- Old firmware with known holes. A printer needs security updates like anything else. Most offices never apply them, so known exploits keep working.
- A retired printer's leftovers. Toss a printer without clearing it and the data left on its storage is there for the taking. That can mean a breach and the legal liability that follows. Wipe the storage before any printer leaves the building.
How to lock down your printers
None of this needs a big project. Work down the list.
- Change the default password. If your printer still uses what it shipped with, change it now. Use a strong, unique password, the kind you would set for email or banking.
- Update the firmware. Manufacturers ship security patches for a reason. Check for updates in the printer settings, or have your IT team handle it.
- Encrypt print jobs. Turn on Secure Print and end-to-end encryption so jobs cannot be intercepted on the way.
- Restrict who can print. Set access controls so only authorized people send jobs. If the printer supports PIN codes, require them for sensitive jobs. A guest option covers everyone else.
- Clear stored data. Some printers let you delete stored jobs by hand. If yours has a hard drive, encrypt it, and wipe or destroy that drive before you get rid of the printer.
- Put it behind a firewall. Treat the printer like any other computer and keep it behind a firewall to block unauthorized access.
- Watch the activity. Have your IT team track printer logs. Odd print activity, remote access attempts, or someone printing sensitive documents who shouldn't be should set off alarms.
Treat the printer like a computer
Plenty of offices skip printer security because a printer is just a printer. Attackers count on exactly that. The overlooked device is the easy target.
Lock down every computer and leave the printer wide open, and you have left the gap that matters.