The printers I normally use for the company I used to work for were never wireless capable. Since we were bought out a few months ago, I noticed them slipping in a few of the HP Laserjet pro m401dw printers that are wireless capable.
A couple of these were installed in a remote office before I even payed any attention that we had wireless printers there.
My question is this, what are the vulnerabilities of wireless printers? They are not being run wireless, they are cabled as of now. They are probably on the default config, wireless on and open.
How can a hacker use a printer like this to get in the network, or can they? Is this a major hole we must watch out for?
any help would be much appreciated!
I don't know these particular printers, but I would doubt you could hack into the network it is attached to. However:
It might be possible to send (Forge) a document to the printer that looks like it came from a valid internal user. Not good if used for receipts, etc.
Another possibility would be for someone to view the printers status screen, and gain some information about the network - IP addresses, user/job names, etc. In the past there have been remotely hacked LAN printers divulging recent scans & documents.
A manuafacturer's, HP in this case, debug mode might give a hacker access they shouldn't have - excellent for a DoS attack against the printer(s).
So, I would make sure you disable the radios, if you're not using them wirelessly. And make sure all operator passwords are changed from the defaults - you might have an internal user naively set it up for wireless with no malicious intent.
If you should discover any wireless security problems, please let us know - after you've fixed them of course.
I'm with Howard. I think your best bet is to remote into each printer and disable Wi-Fi completely. Hard code the IP (static IP) and use an Ethernet cable for connectivity. Plus, do all the default printer password changes mentioned for additional security.
Personally, I do not know of any enterprise-class printers that use Wi-Fi (OK, someone might know of some, but I do not...). It really makes sense (security wise) to disable Wi-Fi and use Ethernet only on networked printers. (At my work, if someone absolutely "needs' a wireless printer, we set them up individually with Bluetooth.)
Let us know if you run into any other issues.
Well I disabled the wireless in the printers, I am curious though what vulnerabilities can be exploited that way.
Gcate these printers are for small branch offices, normally no more than 10 users at each. Rather small but normally very dependable and able to print large amounts pretty well.
Several manufacturers produce enterprise class printers. Many of these are used in truly mobile applications in warehouses, which was one of the first applications for them.
Walmart, Avis, and many others also use them.
For me, the biggest issue is the wireless use of it! Someone could connect from outside the building, and send large print jobs to it, to maliciously use up all the consumables (paper, ink/toner, imaging roller/fuser life), which could easily get into several $100s. If done over night, and nobody would know till it ran out of something when they came in next morning. Since they are connected directly to the printer, there would be no restrictions on what is printed (leave it to your imagination on what that could be).
Another, is they could turn off the LAN, or change the settings on it to prevent use. If they set the IP to the default gateway, it could knock out the entire subnet, as the traffic would be unable to find the right gateway.
Not very likely if the WLAN is using good security. Surely this is not any more exposure than the rest of the wireless network under such controls.
NIST has released a draft document covering security for networked printers, copiers, and scanners.