The shift to hybrid work models has exposed new vulnerabilities in corporate print infrastructure and heightened security risks at many organizations.
The risks run the gamut and include employees using insecure and unmanaged printers, remote workers sending print jobs over public networks, inadequate user authentication and print job release processes, exposed local spools and caches, and inconsistent patching practices.
A relatively low but steady number of print-related vulnerabilities has exacerbated these issues. Recent examples of such vulnerabilities include CVE-2024-38199 (a remote code execution [RCE] vulnerability in the Windows Line Printer Daemon [LPD] Service), CVE-2024-21433 (a Windows Print Spooler elevation of privilege vulnerability), and CVE-2024-43529 (a similar vulnerability that Microsoft disclosed in its October security update). The threats are certainly not Windows-specific, either. Recently, researchers discovered a set of potentially severe flaws in Common Unix Printing System (CUPS), a legacy protocol largely used in Linux, Unix, and heterogeneous environments.
Though few of these flaws have presented as major a threat as the PrintNightmare RCE flaw from 2021 in the Windows Print Spooler service, they have complicated the challenge of managing modern print infrastructure. Attackers, including nation-state actors, have often abused printer software vulnerabilities — like CVE-2022-38028 — to substantial effect in their campaigns.
Increase in Printer-Related Breaches
The trends have driven an increase in print-related data breaches. A recent study that Quocirca conducted found that 67% of respondents experienced a printer-related security incident in 2024, compared with 61% last year. Small and mid-market organizations fared worse, with three-quarters (74%) reporting a printer-related data loss incident. Thirty-three percent pointed to unmanaged, employee-owned printers as a major security concern, and 29% identified vulnerabilities in office printing environments as presenting a major risk. More than a quarter (28%) identified their biggest printer-related security challenge as protecting sensitive and confidential information.
Casey Ellis, founder and chief strategy officer at Bugcrowd, says the takeaway for organizations is that print security must be a priority for decision makers. “Printer and print servers are a superb place to establish persistence and gain business intelligence on a target,” he says. The CUPS vulnerabilities showed that outdated, unused printer software can still represent a significant attack surface, especially for internal attacks and lateral movement.
Unfortunately, many organizations may be underestimating the risks or overlooking them altogether. And the shift to cloud/hybrid print environments has made printer infrastructure even more of an invisible problem from a vulnerability management standpoint, Ellis notes. “Let’s be real — the list of people who spend their days thinking about or even interacting with printers is a pretty small one,” he says. “If your vulnerability management process allows out-of-sight, out-of-mind to dictate priority, it’s easy to overlook [printer security risks],” he says.
The main takeaway is a general one, Ellis says: “Organizations need to remain diligent about their asset inventory and overall attack surface and ensure that they have a process for evaluating the risk.”
Printers, an Underestimated Risk?
The legacy nature of many printer service environments is another challenge, because vulnerabilities can often exist undetected on them for years. Often, these printer environments lack the kind of monitoring tools that are available on other endpoint systems, making them a big target for attackers.
Often flaws are introduced into organizations’ print infrastructure because print services are on by default and administrators aren’t aware of this, says Tom Boyer, director of security at Automox. “Because of this, this threat will go unseen for years and adversaries use that to their advantage,” he notes. “They usually know more about the target environment than the company themselves.”
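One way to surface print services that are on by default is to check a host's listening sockets for the standard print ports. The following is an added example, not part of the original article: it parses `ss -H -tuln` output and flags LPD (515), IPP/CUPS (631) and raw port 9100 listeners, marking those bound beyond loopback. The sample output is constructed and the function names are hypothetical.

```python
import ipaddress

# Well-known print service ports: LPD, IPP (used by CUPS), raw "port 9100" printing.
PRINT_PORTS = {515: "LPD", 631: "IPP/CUPS", 9100: "raw-9100"}

# Constructed sample of `ss -H -tuln` output (not captured from a real host).
SAMPLE_SS = """\
tcp   LISTEN 0      128          0.0.0.0:22         0.0.0.0:*
tcp   LISTEN 0      128        127.0.0.1:631        0.0.0.0:*
udp   UNCONN 0      0            0.0.0.0:631        0.0.0.0:*
tcp   LISTEN 0      5            0.0.0.0:515        0.0.0.0:*
tcp   LISTEN 0      128            [::1]:631           [::]:*
tcp   LISTEN 0      4096               *:9100             *:*
"""

def split_local(field):
    """Split ss's 'Local Address:Port' column into (address, port)."""
    addr, _, port = field.rpartition(":")
    addr = addr.strip("[]").split("%", 1)[0]  # drop IPv6 brackets and %iface
    return addr, int(port)

def is_exposed(addr):
    """True unless the socket is bound to a loopback address only."""
    if addr == "*":  # wildcard bind: all interfaces
        return True
    try:
        return not ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return True  # unparseable address: report it rather than hide it

def find_print_listeners(ss_output):
    """Return one finding per listening socket on a known print port."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5:
            continue
        try:
            addr, port = split_local(cols[4])
        except ValueError:
            continue  # non-numeric port, skip the line
        if port in PRINT_PORTS:
            findings.append({"proto": cols[0], "addr": addr, "port": port,
                             "service": PRINT_PORTS[port],
                             "exposed": is_exposed(addr)})
    return findings

if __name__ == "__main__":
    for f in find_print_listeners(SAMPLE_SS):
        state = "EXPOSED" if f["exposed"] else "loopback only"
        print(f'{f["proto"]}/{f["port"]} {f["service"]} on {f["addr"]}: {state}')
```

Feeding it real `ss -H -tuln` output from each host in the asset inventory gives a quick list of machines running print services nobody asked for.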
The Quocirca survey found security to be the top barrier to adoption of cloud print services as well.
“Although many organizations believe the cloud is more secure than an on-premise environment, security concerns remain a critical barrier to cloud print adoption,” says Nicole Heinsler, chief engineer of security and device management at Xerox. “Overall, there’s a disconnect between suppliers and consumers on how the cloud can improve security by managing zero-day threats more effectively, and how data sovereignty can be more easily managed by cloud policies.”
Cloud Printing Cyber-Risks
The survey found that many organizations view resting data — such as print jobs waiting in a queue and documents uploaded to the cloud print service — as a primary risk, Heinsler says: “This is why incorporating zero-trust principles in your cloud print infrastructure, such as authentication and access control, monitoring, detection, remediation, data and document protection, encryption, and automation, is so critical.”
One way to centralize print management infrastructure is to use cloud print offerings that deploy a native cloud architecture, rather than to attempt a “lift-and-shift” of traditional on-premises server architecture to a private cloud, she notes. The challenges organizations face will depend on the level of customization their applications have.
“For example, if they use standard print protocols, there’s typically little issue with [cloud] integration,” Heinsler says. “[But] special applications should be subjected to proof of concept before full enterprise deployment.”