How to protect your printer from being hacked

Mardi gras
DIY Fun with Paper: Mardi Gras
February 16, 2021
laptop with an ongoing remote meeting
Success Lab: How to Manage a Remote Team
February 25, 2021
security written on screen

Unsecured devices on home and work networks are a growing problem, thanks to the proliferation of Internet of Things (IoT) devices. With growing numbers of people working from home through 2020, if you haven’t already done it, securing your home printer has to be one of your top jobs for 2021.

Few people know that their printer can be hijacked. As a result, printers are often left unsecured, something we highlighted in an earlier post.

Researchers at CyberNews recently attacked 50,000 home printers to raise awareness of this issue – and they have helpfully created a three-step checklist for printer owners, so you can make sure your own home printer is secure.

  • #1. Secure your printing ports and wireless connections.
  • #2. Update your printer’s firmware.
  • #3. Change your password.

OK, so far, so good. But how can you go about doing each of those things? Well, it will first depend on your printer make and model; each will be slightly different. We suggest you dig out the instruction manual if you can. However, in terms of general principles, this is what you need to do.

#1a. Secure your printing ports

Unsecured ports are probably the easiest entry point for hackers. By turning off all the printing protocols that you are not using, you narrow their options for attack.

The standard protocol for secure printing on new printers is IPPS protocol via SSL port 443. This means you’ll need to leave that open for your own use. However, you should be able to turn everything else off.

To do this, you’ll need to dig out your router’s user manual and follow the instructions. CyberNews recommends turning off AppleTalk, Telnet, FTP, and SNMP, Ports 515, 721-731, and 9100, Internet Printing Protocol (IPP) on port 631 and the Server Message Block (SMB) protocol.

#1b. Lock down your wireless connections

Most printers have a Wi-Fi button on the printer itself, and you will be able to turnoff wireless printing using it. Alternatively, you should be able to do this via the printer’s control panel.

Users who are more experienced in IT, could also achieve the same by disabling wireless printing over HTTP in your Windows registry settings.

Perhaps, most simply, don’t forget to turn off your printer when you’re not using it. If there is no connection, you’ve neutralised the vulnerability. Hackers can’t exploit what isn’t there.

#2. Update your printer’s firmware

The best way to stay protected is to keep your operating systems and applications up to date – and the firmware for your printer is no different. You should make sure that you update it on a fairly regular basis.

Device manufacturers work hard to continually respond to new vulnerabilities and risks, so by not updating the firmware you are missing out on this protection and leaving yourself vulnerable.

Update the firmware from your printers control screen. Or turn on automatic updates. If you aren’t sure how to do this, refer again to your printer’s instruction manual or the manufacturer’s website.

#3. Change your password

Most printers arrive with default administrator usernames and passwords. If you don’t change this default configuration, hackers will be easily able to gain access to your printer.

If your printer still has its box-fresh settings unchanged, change the administrator usernames and passwords immediately. Remember to follow best-practice tips on strong password creation.

It’s also worth making sure that printing always requires log on credentials. Again, your printer’s manual will tell you how to do this.

Following these simple steps doesn’t take long. But it will help you ensure improved network security. Remember, that this advice isn’t limited to printers – you need to follow these steps for every device you connect to your home or office network.