Given the proliferation of printers in banking (a large institution may have tens of thousands of printers spread across the country) printer management needs to play a critical role in the ongoing war against hackers.
This issue recently came to the forefront in a hack at Bangladesh Bank that resulted in the loss of $81 million. Early one morning, a director at Bangladesh Bank noticed that no transaction receipts had printed overnight, an abnormality that prompted the bank to review recent transactions. The incident resulted in the frantic issuing of stop payments at the Federal Reserve Bank of New York and several central banks worldwide. Had the printer not flagged the issue, the $81 million heist could have exceeded $1 billion.
While a printer was only indirectly involved in this bank theft, other recent hacks, including one that resulted in the mass printing of racist fliers at several U.S. universities, are directing attention to this often-overlooked area of vulnerability. When Information Technology (IT) security professionals design security strategies, printers aren’t usually high on the priority list. However, office printers and multi-function devices are typically network-connected and many people don’t realize that they ship unsecured by default. These devices listen on all ports and support many protocols, which makes them easy to install on a network but also introduces potential security problems if they are not properly locked down.