I'm pretty sure that if you ask most people what a printer is, they'll tell you it's that annoying machine in your office that prints text on paper and gets jammed every once in a while. But printers are being underestimated - at the cost of a potential cyber attack.

A printer is actually a pretty smart computer. It has an operating system, runs software, and can activate a variety of actions, including malicious activity if commanded to do so. Even more so, the printer is a gateway to your network, but unlike on the endpoints - you can't install an antivirus on your printer. Yet printers also have vulnerabilities that can be exploited, and these vulnerabilities usually stay open due to lack of awareness to the importance of updating printers and installing patches. Like one of our customers proclaimed upon installing ThreatSTOP in their network - "I had no idea my network printers are talking to China!".

Late last year, security researchers at F-Secure labs uncovered two high-severity vulnerabilities in HP printers, affecting more than 150 models of its MFPs (multifunction printers). These critical flaws, dubbed "Printer Shellz", have been active under the radar since 2013. Attackers abusing the vulnerabilities could launch a "cross-site printing" attack. Once they have successfully phished a user on the printer's network, the website sends a remote command to print a document using a malicious font, giving the attacker code execution rights on the device. Running a malicious code can allow the attacker to steal any information sent through the printer, including documents, login credentials and passwords connecting the printer to the rest of the network.

Aside from stealing information from the victim organization, stolen credentials can be used to infiltrate other parts of the network. The font parsing printer vulnerability is wormable, meaning attackers can deploy self-propagating malware that spreads across the network after compromising the target printer.

To ensure your printer security, ThreatSTOP highly recommends checking the available patches and software updates for your printer model. But that's not all. Patches are a very important first defense, especially in cases of known vulnerabilities, but what about he undiscovered ones? Like Printer Shellz were between 2013 and 2021. The answer is - block the threat infrastructure in the first place. If attackers can't communicate with your network, they won't be able to compromise any of the devices on it. That's how ThreatSTOP works. We prevent cyber attacks at the gateway, blocking both inbound and outbound malicious traffic on the IP and DNS levels, eliminating threats and reducing suspicious network noise.

It takes less than an hour to install ThreatSTOP, and the security benefits are immediately visible. Join the movement of companies blocking attackers instead of just their threats. 

Get a Demo