Stop Printing Your Private Information Away to Strangers

Amidst thousands of cybersecurity attacks, most of us don’t turn to our printers believing they might have turned against us (with the help of some hackers, of course). Maybe the occasional paper jam occurs, leaving us frustrated, but the reality is that we don’t suspect printers because they don’t seem technologically advanced enough to be used for cyberattacks. Why would you even want to attack a printer? Well, most printers don’t contain built-in malware protection, which means all print jobs can be easily compromised. Personal information of employees, private client information, and everything else within a company’s database can be stolen. Hewlett – Packard, more commonly known as HP®, recently launched a security bug program inviting 34 security researchers (who are probably just a bunch of IT guys, or at least poseurs) to participate in a “hunting season” of printer bugs and defects. The bounty for these bugs? Only $10,000. And this comes after their video campaign featuring Christian Slater as The Wolf and Jonathan Banks as The Fixer, aiming to educate people about the vulnerability in all technology. Even in the most prestigious of companies or government jobs, technology has failed and HP® (apparently) is ready to fix it.

Open Season Begins

Printers connect directly to local networks, across the Internet, or via Bluetooth (which we all know is <eye roll> “super” secure). So even though PC’s are at the top of our security list, we should keep our eyes on our printers as well. There are numerous ways hackers can attack. By using a hardware chip, attackers can forward the desired information to a remote location or they can bypass the control authentication in order to modify the printer’s memory. They can also create their own malware to connect to the printer and obtain access to an entire network. Plus, 3-D printers face the risk of hackers stealing prototype designs. Looks like the IT department has their work cut-out for them.

HP® partnered with Bugcrowd for the bounty program to reward researchers (IT guys) who found flaws with their printers. Only days after computer-bug hunting season opened, two security vulnerabilities have been recognized and HP has released firmware patches for them. They also have been advertising their new printers, which purportedly detect malicious code, stop the execution of it, and reboot to initiate self-repairs.

The Wolf vs. The Fixer

Hewlett – Packard has a reputation for being incredibly on top of their security standards and educating the public on how to protect their devices. But this time they’ve made their announcements a little more entertaining. The company has released a series of short films to remind everyone that only two percent of the millions of PC’s are secured. Let us introduce you to the Wolf, just your typical mean hacker person who only wants to skim data off of you.

 

Now we’ve got the fixer. He’s your nice IT support professional, just trying to help you fix your broken technology and protect you from the Wolf.

Protect You Printers & PC’s

Because of the new programs HP® is running, there has been great success in identifying potential threats to consumer and corporate PC’s. They have improved printers and copy machines, which now have anti-malware security and “self-healing” capabilities. The printers can stop a computer bug from entering their system on their own. Plus, the bugs found in the bounty hunt are already being corrected with released program patches. And IT support professionals are always ready to help keep your technology updated and working. That is, if they’re paying attention. Ninety percent of the networks our engineers look at have had some really lazy IT guys who don’t update these things either. That’s why they call us, I guess. Don’t let security flaws bug you! Protect your network or else you might have to hire some computer-bug bounty hunters, aka the IT guys.

NOTICE

EXEMPT FROM STAY-AT-HOME ORDER

As part of the Nation's Critical Infrastructure
JIT Outsource is EXEMPT FROM EXECUTIVE ORDER N-33-20
And shall continue operations by way of exceptions found at
https://www.cisa.gov/identifying-critical-infrastructure-during-covid-19