[Faccus] FW: [Sec-wg] WARNING: Printer Security w/ Greetings from Serbia

Jason Testart jatestart at uwaterloo.ca
Tue Oct 11 15:55:24 EDT 2011


I have received reports today from several areas of campus that printers
are being "toner bombed".  If you are responsible for the management of a
printer that has been subject to such an attack, this is a reminder that
you should review the printer security standards document
http://ist.uwaterloo.ca/security/policy/mfp.shtml and implement the
recommendations.  I have included Colin Bell's original alert below.

Regards,

jt

-- 
Jason Testart, BMath, CISSP
Director, Information Security Services
Information Systems & Technology
University of Waterloo
Waterloo, Ontario CANADA
+1-519-888-4567 x38393



On 11-09-08 12:38 PM, "Colin Bell" <colin.bell at uwaterloo.ca> wrote:

>Hi,
>
>I would like to pass along a cautionary tale regarding printer security.
>Attached is a scan of a printout from a group on campus that had a stack
>of these appear between Sept 3 and Sept 5.  The printers involved printed
>an entire paper tray worth of solid black printouts.
>
>If over the past few months you have seen your printers periodically
>print 'gibberish', you have probably seen the Information Security
>Services Vulnerability Management scanners probing your printers.  If
>IST-ISS can make you print blank pages and gibberish, these attackers can
>do the same.
>
>We have been working to add exemptions to prevent paper and ink wastage
>but, please note, these exemptions are temporary.  We have been slowly
>trying to identify all printers on campus so we can get them locked down
>or moved to private networks.  This campaign represents a great deal of
>work and we understand the need for a coherent strategy for securing
>these devices.
>
>Please take note of the following IST-ISS standards document:
>   http://ist.uwaterloo.ca/security/policy/mfp.shtml
>
>If you manage printers in your area please consider making changes to
>secure the printers yourself.  I understand that this is a major
>undertaking but, as we have now seen, people have started attacking these
>unsecured printers.  It may be funny to the attackers but the
>approximately 1000 insecure printers on campus represent a costly attack
>surface for the University.
>
>Please, find the time to secure your printers!
>
>If you have any questions, comments, or concerns let me know.
>
>Many thanks,
>.cpb
>--
>Colin Bell <colin.bell at uwaterloo.ca> [+1-519-888-4567 x31245]
>
>| Systems Integration Specialist, Information Security Services
>| Information Systems & Technology
>| University of Waterloo
>_______________________________________________
>Sec-wg mailing list
>Sec-wg at lists.uwaterloo.ca
>https://lists.uwaterloo.ca/mailman/listinfo/sec-wg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: Greetings_from_Serbia.pdf
Type: application/pdf
Size: 151008 bytes
Desc: Greetings_from_Serbia.pdf
URL: <http://lists.uwaterloo.ca/pipermail/faccus/attachments/20111011/0361a552/attachment-0001.pdf>


More information about the Faccus mailing list