Why Your Printer is a Threat Vector

Updated 08/14/2021


Shadowserver Foundation, a non-profit organization with the goal of improving cybersecurity practices worldwide, recently released findings stating that about one-eighth of all IPP-capable printers are exposed over the Internet.

IPP, or Internet Printing Protocol, allows communication between devices and printers, making it a threat vector. This protocol can exist locally or over the Internet. While it supports access control, authentication, and encryption, many businesses are not utilizing it on their printers.

Shadowserver Foundation found that of the 650,000 to 700,000 IPP-capable devices with their ports reachable via the Internet, approximately 80,000 are left exposed with no firewall protection.

Gaining access to these printers can lead to intelligence gathering, such as printer names, locations, firmware versions, organization names, WiFi network names, and the most popular makes and models of printers. That information alone can allow hackers to create more targeted attacks for the more common printer brands.

Printer manuals will have information on how to enable and best utilize the IPP capabilities of your printer. In the meantime, Shadowforce plans to release a daily report on its website so users can see if their organization is currently at risk. [(Citation)](http://3. https://www.zdnet.com/article/...)