First Phase Data and HP Respond to Printer Hacking – Successfully Stopped
First Phase Data, along with a security-enabled HP printer, saved a large steel company from being hacked. It’s a real story of how real people stopped a real attack – in real-time.
Printer Hacking – Halted!
The first call that day at First Phase Data was an urgent one. A large manufacturing company in Winnipeg was on the line, in a panic. The company’s main printer, an HP M605dn, wasn’t booting up. The company depended on that printer for its operations, but it had some sort of error. The customer tried rebooting the printer several times, but it still wouldn’t come online.
First Phase Data’s experienced support staff quickly went to work. They asked the customer a series of questions, designed to troubleshoot the problem. After a few questions, the staff discovered the cause of the problem – the printer was being hacked.
The customer was perplexed. Their printer was being hacked? You could hack computers, you could hack networks, but could you hack printers? They’d never heard of that.
You can hack any device connected to the Internet—and many network printers connect to the Internet for access by remote employees. A savvy hacker can access an Internet-connected printer to break into other computers and servers on the corporate network; 18% of printer attacks lead to unauthorized network access. This is what the hacker who attacked the client’s printer was trying to do.
Fortunately for the client, their HP M605dn printer contained a built-in security function that shuts down the printer when a hacker is trying to intrude. First Phase Data’s staff explained to the client what was happening: a malicious actor was trying to hack into their corporate network through their network printer. The security protocols in the printer automatically shut down the device and displayed an error message, effectively stopping the attack before compromising the main network. First Phase Data dispatched a service tech and brought the printer back online, safely.
Everyone breathed a collective sigh of relief. The client went from being panicked to being grateful for avoiding a potentially costly attack–thanks to HP printers and the staff at First Phase Data.
How HP Printers Stop Hackers
HP is one of the world’s leading suppliers of consumer and corporate printers. The company’s Enterprise-class printers contain the industry’s most advanced embedded security features to constantly guard against unwanted intrusion.
HP’s printers include four key security technologies that are continually monitoring the device to detect and stop all attacks. When the printer detects an attack it automatically disconnects from the network and self-heals by triggering a reboot. No human intervention is necessary–although the printer can notify network administrators of all attacks.
Step 1: Check BIOS
The first step in HP’s intrusion detection is to check the printer’s BIOS, a set of instructions, run during the boot process, that initiate the device’s firmware and load critical hardware components. HP’s Sure Start technology validates the integrity of the BIOS when the printer powers up; if it finds that the BIOS is compromised, it forces the printer to restart using a safe “golden copy” copy of its BIOS.
Step 2: Check Firmware
Next, the printer checks to see if it is running authentic firmware, digitally signed by HP. Firmware coordinates the printer’s functions, security, and controls; if it’s compromised, it could expose the entire corporate network to attack. The HP printer checks the firmware against a “whitelist” of approved firmware versions. If the firmware doesn’t match the approved list, the printer reboots to a secure offline state and notifies IT staff.
Step 3: Check Printer Settings
Once the printer is up and running, HP’s JetAdvantage Security Manager goes into action. This is run-time intrusion detection that monitors the printer’s memory activity. If it discovers any discrepancies, the technology stops the intrusion and reboots the printer. After the reboot, JetAdvantage resets any security settings that may have been compromised during the attack.
Step 4: Check Network Connections
Finally, HP’s Connection Inspector works behind the scenes to evaluate outgoing network connections. It stops any malware on the printer from contacting malicious servers, stealing data, or otherwise compromising the corporate network. If it finds anything suspicious, the Connection Inspector triggers a self-healing reboot.
Discover HP’s Enterprise-Class Printers at First Phase Data
First Phase Data is proud to provide its customers with the full range of HP Enterprise-class printers. These printers are designed not only to fulfill a company’s printing needs but also to be the most secure network printers available today. First Phase Data has been providing printers and copiers to Canadian businesses since 1983. We back up the products we sell with superior customer service and technical support–even if your printer is the target of a malicious hacker!
Contact First Phase Data today to learn more about HP printers!