Securing a Network’s Print Data Stream with TLS/SSL Encryption

Published 04/28/2009 | SSL Certificates

 


by Mike Majewski

Every organization and enterprise has sensitive data that needs to be protected from unauthorized access. Organizations usually protect this data with passwords and similar security measures, but managers should take extra measures when the data are sent over the network to be printed. Unprotected data are easy prey for hackers -- those inside and outside the organization -- who can obtain these data without much technical know-how. Encrypting print data during transmission with the Secure Sockets Layer (SSL) protocol, defined by the IETF (Internet Engineering Task Force), which later renamed it Transport Layer Security (TLS), is an effective protection technology against such attacks. However, in Windows networks this is very difficult (sometimes even impossible) to do, and only a few proprietary solutions exist.

Awareness that a thorough security policy should include measures for secure network printing is rising slowly but surely. Compliance -- a state of being in accordance with established guidelines, specifications, or legislation, or the process of becoming so -- is also relevant in this context as it includes the protection of sensitive data often found in print documents. Unencrypted print jobs in a network are an easy target for attacks.

External and Internal Attacks on Print Data

If hackers gain access to a network from outside the organization, they can intercept print data. WAN architectures like those used by businesses -- which transmit their data via insecure Internet connections (e.g., DSL) to branch offices, customers, and suppliers -- are especially at risk. The greater danger often lies within: recent studies reveal that about half of all business crimes are committed by employees who have access rights and their own accounts.

The damage to companies that are victims of such attacks can be significant, whether measured in money or time (e.g., delayed business processes, competitive disadvantages, legal consequences). Immaterial damage, such as the loss of a trustworthy image, can also result from these attacks. At that point, managers often realize that the costs of preventive security measures would have been much lower than such damages.


Unencrypted Print Data are Easy Prey

Unencrypted print data are a weakness in every IT security environment because without encryption, all printing protocols transmit print data as (more or less) readable, clear text. The printer command languages PCL (Printer Control Language) and PostScript are page-description protocols that include the document information in clear text in addition to control and command characters. Reading a text transmitted in ASCII format is even simpler.

Hackers need only a simple sniffer application -- which they can download from the Internet -- to record print data during transmission. They can easily find freeware applications that enable them to read this data -- even in the format of the original document. Attackers can also use agent software to redirect print data coming from other clients to the sniffer, then alter the original data with a simple editor and print it via the Windows LPR command. Common printing protocols (LPD/LPR/Sockets, SMB/CIFS etc.) cannot encrypt print data and offer no protection.
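For an administrator auditing their own print traffic, the difference between clear text and TLS described above is visible in the first few bytes of a stream. The following is an added example, not part of the original article: it labels the opening bytes sent to a print service as a TLS record or as one of the cleartext formats named here (LPD, PostScript, PCL, ASCII, plus the PJL job wrapper). The function names are hypothetical and the sample payloads are constructed.

```python
import string

PJL_UEL = b"\x1b%-12345X"                 # PJL "Universal Exit Language" job prefix
PRINTABLE = set(string.printable.encode())
MAX_TLS_RECORD = 2**14 + 2048             # upper bound on a TLS record body

def is_tls_record(data: bytes) -> bool:
    """True if data begins with a plausible SSL 3.0 / TLS record header."""
    if len(data) < 5:
        return False
    length = int.from_bytes(data[3:5], "big")
    # content types 20-23: change_cipher_spec, alert, handshake, application_data
    return (data[0] in (20, 21, 22, 23) and data[1] == 3 and data[2] <= 4
            and 0 < length <= MAX_TLS_RECORD)

def classify_print_stream(data: bytes) -> str:
    """Label the first bytes a client sent to a print service."""
    if is_tls_record(data):
        return "tls"
    head = data[:512]
    # LPD (RFC 1179) "receive job" command: 0x02, queue name, LF
    if head[:1] == b"\x02" and b"\n" in head[1:64]:
        return "cleartext-lpd"
    if head.startswith(PJL_UEL) or b"@PJL" in head:
        return "cleartext-pjl"
    if head.lstrip().startswith(b"%!PS"):
        return "cleartext-postscript"
    if head.startswith(b"\x1bE") or b"\x1b&l" in head or b"\x1b(s" in head:
        return "cleartext-pcl"
    if head and all(b in PRINTABLE for b in head):
        return "cleartext-ascii"
    return "unknown"

# Constructed sample payloads (not captured from any real network).
SAMPLES = {
    "tls-handshake": bytes([0x16, 0x03, 0x01, 0x00, 0x2F]) + b"\x01\x00\x00\x2b\x03\x03",
    "lpd-receive-job": b"\x02lp\n",
    "pjl-wrapped-pcl": PJL_UEL + b'@PJL JOB NAME="report"\r\n@PJL ENTER LANGUAGE=PCL\r\n\x1bE',
    "postscript": b"%!PS-Adobe-3.0\n%%Title: report\n",
    "raw-pcl": b"\x1bE\x1b&l0O\x1b(s10HInvoice",
    "plain-text": b"Quarterly figures\r\nPage 1\r\n",
}

def audit(samples: dict) -> dict:
    """Return {sample name: label}; anything not 'tls' is cleartext or unrecognised."""
    return {name: classify_print_stream(payload) for name, payload in samples.items()}

if __name__ == "__main__":
    for name, label in audit(SAMPLES).items():
        print(f"{name:18} {label}")
```

A "tls" label only shows that the stream opens with a TLS record header; it says nothing about the negotiated cipher or whether the certificate was validated.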