Even in this so called ‘paperless’ age, almost every business still uses a printer on a daily basis, but did you know that even these can get hacked?
Yes, printers are vulnerable pieces of hardware which can allow hackers to gain access to your systems. And this recent scare was all down to a vulnerability identified in the Windows Print Spooler server. Luckily, this susceptibility was identified and Microsoft quickly released a patch to nip this matter in the bud.
However, it’s a troubling scenario given that we’re not used to our printers being used as a back door for hackers to take control of our networks, so I’ve decided to dig a little deeper into the story.
Hacking a Printer
When a new printer is installed, the files required will be downloaded from the Windows Print Spooler server to get the printer up and running. Usually, the correct files will be downloaded and everything will go smoothly. However, Microsoft discovered a critical flaw which meant that Windows would not handle the installation correctly and this would lead to users not connecting securely to their printer.
This would leave a gap in security which would allow hackers to gain unauthorized system privileges and install their own malware files on users’ systems causing all kinds of security issues. There would also be the opportunity to carry out what’s known as a Man-in-the-Middle Attack which would allow the hackers to take control of information being transmitted by the infected PC and alter it.
Perhaps the most damaging effect of an attack like this is that printers tend to be behind firewalls, so any malicious activity would go unnoticed. What’s particularly worrying about this is that large numbers of PCs are usually connected to a printer, so the potential for infecting other PCs becomes greatly magnified.
Is Windows Secure?
This vulnerability in Windows is particularly embarrassing for Microsoft given their high profile security hiccups recently such as a lack of WiFi security, so this latest threat doesn’t instill confidence in Microsoft’s approach to security. To make matters worse, this recently discovered flaw is an issue which affects operating systems going back to Vista which was released 10 years ago, so a huge number of PCs are at risk.
And it’s not the first time that Windows Print Spooler service has been exploited, so it raises some important questions about how Microsoft continue to monitor security vulnerabilities once they appear to have been solved.
Make Sure You’re Safe
The most important step you can take in combating security flaws such as this is to install all updates as soon as possible. It only takes a few seconds for a hacker to gain access to your systems, so it’s vital you don’t leave that install until the morning.
With vulnerabilities which are built into operating systems, of course, you can’t really put any blame on the end users, but it’s crucial that users look out for the following activity:
- In this particular case, the ability for the hackers to set up a rogue printer on the network presented itself, so any unusual printer activity could indicate a security issue
- Systems shutting down of their own accord and any ‘File Installation’ progress bars suddenly appearing could be evidence of malicious code being installed
For more ways to secure and optimize your business technology, contact your local IT professionals.