Between PrintDemon, PrintNightmare, and SpoolFool, print spooler vulnerabilities have been a significant problem for many companies in recent years. But it may be even worse than you thought. The truth is print spoolers have been a constant source of vulnerabilities in recent years, and things appear to be getting even worse. While you may think you have everything under control, it’s important to remember that just a single data breach can cost you time, money, and especially your reputation.
With that in mind, we’ve gathered 3 statistics that will make you think twice about your print server infrastructure—and may even keep you up at night.
Terrifying Truth #1:
The Windows Print Spooler is over 20 years old and continues to be patched, rather than overhauled.
We all know technology ages quickly. Especially computer and internet technology. You’d be laughed out of the building if you still used a phone from 20 years ago… or worse, a Palm Pilot. And yet, so many companies continue to rely on print servers and spoolers that have been around since before Gen Z. That seems crazy, right?
It’s even crazier when you consider that 12 years ago (a lifetime in technology terms), the Stuxnet virus was launched. It took advantage of a Windows Spooler vulnerability to hack into an Iranian facility handling uranium. Yikes. And while that particular vulnerability has since been patched, new ones get discovered every year—if not more often. Instead of investing resources in overhauling that system (or creating a better one), companies just keep patching their systems.
While patches may work to stem the risk, they often involve workarounds or cause other problems for users. For example, the PrintNightmare patch no longer allows end users to update drivers or print permissions on their own. Admin credentials are now needed every time, leading to a significant rise in helpdesk tickets last year.
Unfortunately, patches aren’t the only problem.
Terrifying Truth #2:
According to Kaspersky, there were about 65,000 attacks on print spoolers between July 2021 and April 2022.
Think about it. As companies have moved to hybrid and remote work environments, the move toward Zero Trust and more secure networks has been significantly accelerated. That means hackers have fewer chances to gain valuable business information through traditional methods. Not that those have stopped: Phishing attacks are also on the rise with companies stuck in these interim periods between their legacy infrastructure and adopting more secure systems and processes.
But with all the renewed focus on security, one often overlooked vulnerability continues to exist for many companies: print servers. Despite knowing that there have been vulnerabilities for years and that patches continue to roll out year after year, many companies simply haven’t made the time or budget to change out old infrastructure. Some organizations we meet at trade shows don’t even know there are other options out there.
So hackers have made it their new hobby to test spoolers. IT teams are trying to keep up, but with so much change occurring, it can be hard to get the resources needed to constantly keep a network protected. And with these attacks on the rise, it’s time to start considering your options.
Terrifying Truth #3:
According to IBM, the average cost of a data breach in 2022 is $4.35 million globally and $9.44 million in the US.
Those are big numbers. And they don’t even account for potential lost business when customers see your network as risky. Even worse, compromised credentials (one of the leading causes of data breaches) are often not discovered immediately. So your data could be leaking for months before you figure out there’s a problem, which can then lead to bigger concerns with regulators.
While most companies by now know to take network security and data protection very seriously, too many consider print to be far down the list of potential threats. And as we’ve seen from our other data, it should really be at the top. So why aren’t people more concerned?
The last terrifying truth is that many executives feel like print works well enough and are content to maintain the status quo until it becomes a problem.
Happy Truth # 1:
You can do better than the status quo.
You don’t have to keep allowing the same cycle to play out over and over. Moving to a serverless printing infrastructure like PrinterLogic can save you from the headaches and problems associated with print spoolers. With direct IP printing, data is segmented and secured at all points in the printing process. And integrations with Identity Providers (IdPs) allow end users to access features like Secure Release Printing and Mobile Printing. Plus, the PrinterLogic platform is SaaS-based, so it stays up-to-date with any security releases without you having to worry.
The best part? It’s more cost-effective than a print server infrastructure too!
Without the threat of print spoolers being exposed and at risk, your team can focus on other big security initiatives as technology continues to advance. Isn’t it time you stopped living in the past and started investing in your future?