Insights from the PewDiePie Hack: Trends in Strengthening Public Sector Printer Security

Liz Alton

Nowhere is cyber security more important than the public sector. Federal employees and public sector agencies are responsible for setting the standards for responsible information handling. As a result, it’s critical that potential cyber security threats be identified and addressed. One area that’s often overlooked? Printers.

According to a GovLoop survey, 48% of professionals don’t think printers put their agency at risk, and just 38% noted their agency had security procedures in place for printers. Yet the headline-making PewDiePie hack recently showed that networked printers provide an easy access point into government networks. Let’s take a closer look at what happened with the PewDiePie hack—and what trends are shaping private sector printer security in the year ahead.

PewDiePie: How Printer Security Captured National Headlines

While many public agencies have begun exploring printer security, recent events have kicked it to the forefront for government IT leaders. Forbes reports that the PewDiePie hack occurred when an unknown hacker accessed 50,000 unsecured network printers and had them print marketing materials for a YouTube personality called “PewDiePie.” Finding, taking over, and commanding tens of thousands of printers to print specific content sounds difficult.

Yet, Forbes reports, “[The hacker] said they searched on Shodan for different open ports typically used by printers. Shodan allows users to search for all kinds of internet-connected things and one effective way to search is via port numbers. Ports sound like what they are—routes into computers for outsiders. In a secure environment, ports that allow people to launch print jobs shouldn’t be left open to the wider internet, only for authorized users. But often because of laziness or by accident, they’re left wide open, as was the case with 800,000 uncovered by the PewDiePie fan. The hacker simply chose the first 50,000 results then searched on Google for a tool to help him print en masse. That came in the form of the Printer Exploitation Toolkit, or PRET.”

Finally, the analysis ends on this chilling note: “With a short piece of code, so brief it could fit into a tweet, the command to send the print jobs was sent out.”

This is not the first time this has happened. In 2016, The New York Times reported on a hacker who used a similar scheme to hack printers at more than a dozen colleges and printed inflammatory racist materials. These examples should give public sector IT experts pause. What kind of vulnerabilities are your agency’s printers opening up to your network? And if hackers decide to access them for nefarious purposes, what’s the extent of the damage that might be done?

Specific Printer Considerations for the Public Sector

As printing hacks begin to make headlines, it’s likely that they’ll continue to escalate and increase in frequency. The public sector faces a number of specific threats and challenges with regard to their printing needs and use, including:

Printing remains a vital part of government workflows—While many businesses have increasingly moved toward digital workflows, public sector organizations rely on printing as an integral step in their internal workflows. Research from GovLoop revealed the average federal employee prints 7,200 pages per year. That same research also noted that 58% use color printing regularly and 42% have high-volume printing needs. Printers are constantly in use, and this high volume of printing means that government agencies likely have a higher number of machines that can put them at an even larger risk. Adding to the complexity is a large number of jobs that require different paper sizes, meaning that a larger number of these machines are likely to be large-capacity networked machines. Public sector organizations need to assess the state of their current printer fleet, usage trends, and security protocols to identify gaps and put strong security strategies in place.

Networked printers open windows into your network—An unprotected network printer offers hackers a gateway into your larger network. And unfortunately, notes Security Today, “In attempts to make their products easy to use, and with government backdoor demands to adhere, printer manufacturers have compromised on security and privacy.” It’s important that public sector organizations invest in secure printers and assess their existing infrastructure to be sure it meets security standards.

Sensitive data attracts hacker interest—In the wrong hands, any information can be used for nefarious purposes. However, public sector documents have the potential to be especially sensitive. Depending on the agency, documents being printed may include private citizen information, confidential government data, or even classified information that relates to national security. By the very nature of the data that some public agencies handle, they’re more likely to be at risk and need security strategies in place to mitigate potential issues.

Printer hard drives retain information—Many users don’t realize that today’s large, multi-function printers often retain logs of everything that’s printed. In some cases, that may include a copy of the document itself. Hackers who access a printer don’t just use it as a gateway to your larger network. They may be accessing copies of who printed what documents, when, and the content of those documents. For public sector organizations, this raises additional demands to look at what your printers are retaining and how those hard drives are protected.

BYOD programs and printer risks—Historically, government employees have been part of standardized equipment programs that made it easier to manage cyber security. Increasingly, agencies such as the U.S. Equal Employment Opportunity Commission have introduced bring your own device (BYOD) programs that allow users to opt out of set programs and use their own devices. Currently, even the Department of Defense has a pilot underway. As public agencies assess whether the flexibility of BYOD policies is worth the potential risk, BYOD devices—which may link to networked printers or include printers themselves—add another layer of complexity to printer security at public agencies.

Explore Managed Print Services for Cyber Security

Increasingly, organizations in the public sector are turning to managed print services to secure their printing devices. According to IDC, it’s estimated that by 2021, 45% of all printing devices will ship as part of a printing-as-a-service package. Managed print services allow agencies with networked printers to roll all aspects of management into a single package. This includes choosing machines, servicing, ordering supplies, and overseeing security. With a managed print services provider, it’s possible to design and deploy a customized security strategy across your entire printing fleet and pair that strategy with printers that can help detect and defend against attacks.

Recent hacks have shown that printers are a real vulnerability point in public agency cyber security plans. In the year ahead, make sure your agency’s IT team is taking the steps needed to strengthen your security and help protect your printers and company data against hackers.

Liz Alton is a B2B technology and digital marketing writer and content strategist. She has worked with a variety of brands including Google, Twitter, Adobe, Oracle, and HP, and written for publications including Forbes. She is a regular contributor to Connected, Connection’s official blog.

© PC CONNECTION, INC. ALL RIGHTS RESERVED.