Boost in Printer Security

Friday, November 6, 2015 @ 05:11 PM gHale

With printers getting smarter all the time, it is no surprise they are security risks.

Way back in 2011, a small group of university researchers working on securing embedded devices were thinking along those lines when the Department of Homeland Security (DHS) Science and Technology Directorate (S&T) took notice.

Unsupported ICS: Not an Easy Upgrade
Remedy to Fix Unsupported PKS Hole
Age of New and Different
German Steel Mill Attack: Inside Job

That effort has since evolved into a technology – called Symbiote – that Hewlett-Packard (HP) just licensed from Red Balloon Security, to protect its printers from cyber attacks.

Symbiote technology will end up integrated into HP’s LaserJet Enterprise printers and multi-function printers. This new partnership between Red Balloon Security and HP is a move to increase security for a great number of devices.

“What makes the Symbiote technology unique is the protection it offers for devices most organizations don’t think to protect, like Voice over IP (VoIP) phones and printers,” said S&T Cyber Security Division (CSD) Internet Measurement and Attack Modeling Program Manager Dr. Ann Cox.

The work initially ended up developed by researchers at Columbia University, who subsequently formed Red Balloon Security and continued developing the Symbiote technology.

Symbiote can detect intentional interference on embedded system devices, such as routers, VoIP phones, point-of-sale devices, among others. Red Balloon attracted the attention of HP after it decided to use a common HP printer for its research, completed a proof of concept, and published the results academically through Columbia University. HP has incorporated the Symbiote technology into their printer product line, providing protection to devices worldwide.

“The Symbiote technology is leading cyber security innovation,” said Cox. “This technology is still developing new features to even the playing field between the attackers and defenders, allowing the defenders to pull ahead.”

The technology features new capabilities that enable it to determine where the firmware suffered penetration and to lock down other devices on the same network to shield them from the attack. The technology ended up developed using some of the same techniques used by hackers, in effect, turning their own techniques against them. By leveraging these techniques, Symbiote uses unique code every time it ends up placed in a new system. Each device has a different arrangement of Symbiote, making it hard for hackers to break into the device. The hacker must put the same level of effort into breaking into subsequent devices as they did to hack the first device.

The Symbiote technology works best when incorporated into products during the manufacturing process.