If a black hat is looking to gain access to a network they will scan all devices on the network by going to each IP address within a given network address block. Scanning allows them to look for IP addresses that are live or awake and listening to the network adapter. Once the hacker's scan program finds a device it may look further or store information for more in-depth scanning later. The in-depth scanning is where they look for overlooked security vulnerabilities and default passwords. Networked printer security depends upon the intervention of a human to make sure the printer firmware has been updated and any default passwords have been changed.
Unless a network printer is configured correctly before placing it into service it can become a target for black hats to get into your network to produce denial of service attacks or as a launching point for other attacks on your network. Many network printers come with upgradeable firmware allowing you to upload patches to your printer. These firmware upgrades are provided by the manufacturer for security faults in the software or for additional features.
Other printers also come with web servers built into them with configuration manager software. The web servers are setup with a default user and password that needs to be changed. Black hat hackers look for printers without changed passwords in order to easily download their own malicious tools.
If basic networked printer security is not followed, black hats will attempt to do all or part of these:
If you're worried about personal data being mined or acquired, take a deep breath, and check out our article on printers storing personal information.
Printers as well as any other device with an embedded operating system can be can be hacked due to security vulnerabilities. Your own PC you use at home or at work runs a similar operating system (OS) like Linux or Windows and these OS’s are updated for bugs and security flaws constantly. To keep your network printer from falling into the hands of a black hat you will have to look to the manufacturer for updates to the embedded OS. These patches or fixes either come with a utility or the management software for the printer has the utility built to update the printer firmware.
Printers that are taken out of the box, given an IP address with no other security considerations can be the most dangerous device on your network. If a printer has a web management interface that allows configuration via a web browser you will need to connect to the web browser and either disable the web management or change the default password to the administrator account. Without the password change or the web management disabled your printer is a target just waiting to be hacked at some point in time. The first thing black hats do is scan a network looking for vulnerable devices. Once a device is found they try gaining access with the default passwords. If they find one device they will find all other devices on your network with default passwords still configured.
Printers do not need to be configured with a publicly routable IP address. Within your own network you can create private subnets using the non-routable IP addresses of 10.x.x.x or 127.x.x.x address ranges. Placing all of your devices or printers that do not need to have a public and routable address into the private address range allows only those computers on your network or connected via virtual private network (VPN) access to those printers and devices. Placing your printers into a private subnet still means you have to address security flaws in the printer firmware and change the default passwords because computers on the public network could become compromised allowing black hats access to your printers through the compromised computer.
Some of these things are not as simplistic as they are explained here, but the gist is, you need to enhance network security measures in order to be safe, and if you don't know how to do this, we can certainly help get you on track.
Quick Key to Hacker "Hats", since hackers aren't inherently "good" or "bad":
Black Hat - Malicious intent, usually for personal gain, will NEVER ask your permission to hack you
Gray Hat - Typically no malicious intent, unless the pay out is the only motive. Will hack for good or evil, usually "forget" to ask permission to hack you
White Hat - The good guys in the security realm, usually working for legitimate firms, will ALWAYS ask your permission to hack you