Old Copiers - A Security Risk in the Making

If your office copier is more than five years old, it could be a major security risk. These omnipresent office machines are often thought of as simple tools, but that couldn’t be further from the truth. 

A copier is more than a machine that makes prints and copies — it is a fully fledged computer, just like a laptop or desktop, with the added functionality of printing, copying, scanning, and faxing tools. Like your computer, a copier is connected to your office’s network through wi-fi, and stores data on a hard drive. And just like your computer, a copier can be hacked.

But what dangers does your organization face from an unsecured copier, and what options do you have in order to shore up your copier’s defenses?

THE RISKS OF AN UNSECURED COPIER

An unsecured copier, like any networked device that isn’t fully secure, is a potential foothold for a hacker to mount their cyber attack against your organization’s network. Just like a computer that connects to the internet, copiers have an IP (internet protocol) address — and if a hacker knows this IP address, they have a direct connection to a device on your network.

Because office copiers are often connected to a print server, which is itself integrated with your entire organization’s network, a hacker can hopscotch their way through your network, starting with the copier, and ending at the deepest levels of your office’s digital environment.

In addition to acting as a beachhead for hackers, your copier’s hard drive can potentially be a goldmine of information for a hacker to make use of. Newer copiers have more and more RAM (random access memory), allowing you to print and make copies without storing every document that passes through the copier’s hard drive — and this is a good thing, because that means there is less stored data for hackers to sift through.

However, many organizations make use of their copier’s saved documents folder. The reason for this is simple; every time you make a copy, there is a slight image degradation that occurs. Creating a copy of an original document won’t drastically reduce the quality of the image copied, but if a copy of a copy is made over and over again, the quality of the image can severely degrade. 

To combat this, copiers offer the ability to save documents directly onto their hard drive. While this prevents copying degradation, this has the potential to store sensitive data in a not-so-secure location, especially if the copier is an older model.

The documents stored on a copier’s hard drive are often operational in nature, and contain employee names, contact information, proposals, templates, and much more. By gaining access to this information, a hacker can create a sophisticated and well-researched phishing campaign.

By pretending to be someone they’re not, a hacker can use this stolen information to convince an employee in your organization to give the hacker data they should not have access to, allowing the hacker to delve further into your network. Or, in an even worse case scenario, the hacker could find highly sensitive data on the copier’s hard drive to sell on the dark web, or use to hold your organization at ransom.

Because all of this information never leaves your network, these scenarios require a hacker to first find a way into your organization before these security breaches can occur. There is, however, and much greater risk of potentially stolen data we haven’t covered: scanned documents.

Just like creating a copy, new copier models don’t usually store the scanned image on their hard drive, but rather their RAM, making new copiers more secure than older models. Due to the nature of scanning, however, there will always be another device connected to the copier that receives the scanned image.

Whether this is to a shared folder on your network, or an employee’s email, this connection can be intercepted by a hacker. Before copiers moved into the digital age, hackers would actually “steal the light” of a scan, and interpret the dark spots in order to read data. Now, with copiers making use of encryption to send scanned images, a hacker’s job is more complicated, but in no way impossible.

Hackers are always inventing new ways to circumvent security — and in turn, cyber security experts are always inventing new methods of combating cyber attacks. This digital arms race has led to the introduction of TLS1.3 to copiers. Transport Layer Security (TLS) is the technology that makes secure, encrypted connections between two networked devices possible. 

For many years, TLS1.2 was standard, but over time, the technology became less secure as hackers’ tools grew more effective and efficient. TLS1.3 uses the same basis of technology as 1.2, but more advanced. An easy way to imagine the difference between 1.2 and 1.3 is a door with two deadbolts versus three. The technology securing the door is analogous, but requires more effort to break in.

If you scan a document to a shared folder or email, and your copier uses a TLS1.2 connection, that connection is no longer considered fully secure. This means any data on the scanned image can easily be read by the hacker intercepting the connection between your copier and the device it is sending the scanned image to.

HOW TO ENSURE YOUR COPIER IS SECURE

Just like a computer’s operating system, your copier’s firmware needs to be updated as updates are released. Keeping up with the latest firmware ensures that your copier has the strongest security measures to prevent cyber attacks. As an added benefit, updating firmware also gives you access to new features included in the updates.

Firmware updates do have limitations, however. As technology advances, manufacturers stop supporting old machines as they become less cost effective. What this means is that eventually, your old copier model won’t be supported by the latest and greatest firmware, and as a consequence won’t have the most up-to-date security features, leaving it vulnerable to cyberattack.

This backwards compatibility issue is applicable to encryption as well — there is no way to update an old copier from TLS1.2 to TLS 1.3. 

Another benefit of new copiers is the inclusion of print management solutions, which can be used to control the access and usage of networked devices. Administrators of your network can set rules and permissions across your entire network through print management tools like PaperCut or uniFLOW, allowing you to ensure only employees have access to your copier.

There are other options available; solutions such as two-factor authentication, like requiring a PIN or password to access a copier’s options can be used to keep unwanted parties out of your copier’s menus, and with mobile printing options, you can even ensure a document won’t print until the person printing it is physically present, negating the risk of a sensitive document being picked up from the output tray.

Going even further, some models of copiers include ID card scanners, fingerprint readers, and even finger vein scanners. By using biometrics, you can essentially lock out anyone from accessing your copier without your permission.

While on the topic of additional hardware points on your copier, be aware that a USB port is one of the most vulnerable points of entry on your copier. If someone has access to the USB port, and there are no security permissions present on the copier, they can easily copy data from its hard drive, or introduce malware into the system through a flash drive.

To combat this, newer copier models are coming equipped with anti-virus software like MalwareBytes and McAfee.

Even when your copier’s life comes to an end, it’s important to keep security at the forefront of your mind. The old copier’s hard drive, if not properly cleaned, can be sifted for data, which can then be used to hack into your network, or steal sensitive information from your organization. 

To easily avoid this from occurring, overwrite your old copier’s hard drive with null data, deleting all files, job logs, and address books. Depending on the manufacturer of your copier, you can do this up to eight times, slowly replacing all relevant data with what is essentially junk. Another technical solution to this problem is to forcefully apply the head of a hammer in a repeated motion upon the surface of your hard drive.

The most important action you can take to ensure your copier is secure is to set your security standards as soon as the copier enters your office, and to make sure that all employees who interact with it follow the guidelines in place. Some security procedures and rules have the potential to slow down some processes when interacting with a copier, but they do so for a very good reason: safety.

For instance, all new Canon copiers come with a quick-start function, allowing the copier to be fully operational in less than six seconds after pressing the power button. This feature doesn’t work, however, when paired with Canon copiers’ anti-virus software, which adds a few minutes of boot-up time to the start-up sequence. Sometimes organizations will become frustrated by this, and will turn off the anti-virus software, reducing their copier’s ability to defend itself from intrusion. 

Simply put, the easiest way to ensure your copier is secure is to make sure its hardware, software, and usage permissions are always as up-to-date as possible.

*This blog was written with the help of Paul Binder, Director of Technical Training, and Chuck Cecchini, Production Print Support Manager.