Monthly Archives: July 2017

Ricoh’s Protection From Malware

Ricoh's protection from malware

With over 1,000,000 new malware attacks released per day…I think that’s worth repeating..With over 1,000,000 new malware attacks a day, the importance of protecting any system which acts in any capacity online is paramount. Ricoh’s protection from malware, using encryption technology as well as other fail safes is making sure they are on the forefront of this area.

Protection From Malware

The administrator of the multi-function copier can set up SSL/TLS for encrypted communications. The SSL/TLS setup prevents data from being tapped into, analyzed, or altered during communications. For instance, a customer using e-mail services and cloud services over the Internet may want to encrypt communications using the scan-to-e-mail function. This method greatly reduces the risk of information leaks or alterations when an external SMTP server is used. The communication between a smartphone application “RICOH Smart Device Connector” and MFP is encrypted by SSL/TLS as well.

Since recent hackers have high skills for decrypting communications, strong encryption algorithms are needed to minimize information leakage from hardcopy devices. By implementing the 256-bit AES and SHA-2 encryption algorithms required by the U.S. National Institute of Standards and Technology (NIST) and adopting HMAC_DRBG to create encryption key, Ricoh increases the security of communications and internal processing on the latest Ricoh devices which have encryption function.

  • Ricoh’s multifunction copiers are capable of SSL/TLS communications conforming to FIPS 140-2 specifications, the network communications requirements of the U.S. government.

Encryption over SSL/TLS

SNMPv3-encrypted communications

SNMP (Simple Network Management Protocol) is a protocol for collecting information on network devices so that they can be monitored and controlled. The information includes, for example, the total number of copies a device has printed and the errors it has encountered. SNMP is also used to operate the devices, such as monitoring the operating status of its services. These functions are based on information obtained from a management information base (MIB), which describes the configuration of the network devices. SNMPv3 incorporates user authentication and data encryption functions which protect user data and network device information.

S/MIME for scan-to-e-mail

To minimize the risk of information leaks, e-mail messages can be sent using public key cryptography and a certificate of user verification that has been registered in the address book of a multifunction copier. Spoofing and message alteration can be prevented by attaching an electronic signature using a secret key based on a device certificate in the the multifunction copier.

  • This feature is not available with W-NET FAX and direct SMTP.

WPA (Wi-Fi Protected Access) support

WPA is an encryption system for wireless networks. WPA provides greater security than WEP, a conventional encryption system. In addition to the SSID and security key used in WEP, WPA features a user authentication function and an encryption protocol called TKIP (Temporal Key Integrity Protocol) which automatically updates the encryption key at certain intervals.

Can Printers Get Hacked

Can Printers get hacked

Can Printers Get Hacked? Or use a hijacked printer as a copy machine for criminals, making it easy to commit identity theft or even take control of entire networks that would otherwise be secure?

It’s not only possible, but likely, say researchers at Columbia University, who claim they’ve discovered a new class of computer security flaws that could impact millions of businesses, consumers, and even government agencies.

Printers can be remotely controlled by computer criminals over the Internet, with the potential to steal personal information, attack otherwise secure networks and even cause physical damage, the researchers argue in a vulnerability warning first reported by They say there’s no easy fix for the flaw they’ve identified in some Hewlett-Packard LaserJet printer lines – and perhaps on other firms’ printers, too – and there’s no way to tell if hackers have already exploited it.

The researchers, who have working quietly for months in an electronics lab under a series of government and industry grants, described the flaw in a private briefing for federal agencies two weeks ago.


The flaw involves firmware that runs so-called “embedded systems” such as computer printers, which increasingly are packed with functions that make them operate more like full-fledged computers. They also are commonly connected to the Internet.

“The problem is, technology companies aren’t really looking into this corner of the Internet. But we are,” said Columbia professor Salvatore Stolfo, who directed the research in the Computer Science Department of Columbia University’s School of Engineering and Applied Science. “The research on this is crystal clear. The impact of this is very large. These devices are completely open and available to be exploited.”

Printer security flaws have long been theorized, but the Columbia researchers say they’ve discovered the first-ever doorway into millions of printers worldwide. In one demonstration of an attack based on the flaw, Stolfo and fellow researcher Ang Cui showed how a hijacked computer could be given instructions that would continuously heat up the printer’s fuser – which is designed to dry the ink once it’s applied to paper – eventually causing the paper to turn brown and smoke.

In that demonstration, a thermal switch shut the printer down – basically, causing it to self-destruct – before a fire started, but the researchers believe other printers might be used as fire starters, giving computer hackers a dangerous new tool that could allow simple computer code to wreak real-world havoc.

In all cases, the Columbia researchers claim, duping a would-be target into printing a virus-laden document is enough to take control of that person’s printer; but in some cases, printers are configured to accept print jobs via the Internet, meaning the virus can be installed remotely, without any interaction by the printer’s owner.

“It’s like selling a car without selling the keys to lock it,” Stolfo said. “It’s totally insecure.”

Columbia researcher Ang Cui explains how he was able to infect an HP printer with malicious code. Columbia University

Rewriting the printer’s firmware takes only about 30 seconds, and a virus would be virtually impossible to detect once installed. Only pulling the computer chips out of the printer and testing them would reveal an attack, Cui said. No modern antivirus software has the ability to scan, let alone fix, the software which runs on embedded chips in a printer.


There are plenty of points of contention between HP and the researchers, however. Moore, the HP executive, said the firm’s newer printers do require digitally signed firmware upgrades, and have since 2009. The printers tested by the researchers are older models, Moore said.

In contrast, the Columbia researchers say they purchased one of the printers they hacked in September at a major New York City office supply store.

In an exclusive demonstration for at Columbia University’s Intrusion Detection Systems Laboratory, Cui and Stolfo revealed the kind of havoc an attacker could wreak once they gained control of a printer. After sending a virus-laced print job to a target printer, the device’s small screen read, in sequence, “Erasing…Programming…Code Update Complete.”

In one demonstration, Cui printed a tax return on an infected printer, which in turn sent the tax form to a second computer playing the part of a hacker’s machine. The latter computer then scanned the document for critical information such as Social Security numbers, and when it found one, automatically published it on a Twitter feed.

A hacker who merely wanted to wreak havoc could easily disable thousands – or perhaps millions – of vulnerable printers, Cui said, as it is trivial to send the printer upgrades that would render it inoperable.