The Recycler
  • Katun March Web Advert 2021
  • Nubeprint Online 425x90
  • ECS Web ad October
  • Ninestar Masthead banner July 2021
  • Biuromax Web ad May 2021

Printer security and hazards highlighted

Printer security and hazards highlighted

May 4, 2016

A tech website has discussed the “overlooked” threat of printer hacking.printer office

CSO reported on printer hacking, notifying users that if they “think that printer in the corner isn’t a threat”, they should “think again”. The printer as an “overlooked attack surface” comes as “many companies don’t bother to update the firmware”, or “don’t include every model in a security audit”, while many assume “a hacker won’t bother”.

The site believes that “because a printer is so innocuous and seemingly harmless, that’s the exact reason it poses a threat”. According to IDC research, 35 percent of all office security breaches “were traced back to an unsecured printer” of MFP, costing businesses around $133,800 (€116,540), and printers are not often protected when “outdated” and running “original firmware”.

Chris Vickery, a so-called white hat hacker and Security Researcher at MacKeeper, told CSO that “printers at first may seem like a benign issue, however you have to remember that they are mini-computers. Getting control of a printer within an organisation can provide a foothold for further attacks and a position to ‘pivot’ out of into networks”. The article added that “gaining access to the network through the printer” is perhaps the “most serious threat” posed by printer security issues.

Other threats include “capturing every document sent to the printer”, causing a “serious business intelligence compromise”, while IDC Security Researcher Arianna Valentini, added that “apart from the actual hacks into the printer itself, another security concern has to do with documents left unattended”. Older printers have no security, so a thief could steal documents, digitise them and “sell company secrets”, and Vickery adds that this “arose partly due to neglect”.

OEMs are also to blame for how they have “failed to protect the devices”, with default password protection said to be “one of the biggest innovations in printer security”. Gartner Security Researcher Lawrence Pingree contributed one further threat, where organisations that require regulatory compliance will see printers “subject to any inquiries”, as much as a laptop might be. Issues are not “brand-specific”, though HP Inc has “stepped up” its printer security lately.

Ricoh machines also experience a “new vulnerability”, as they each have a “backdoor admin account” which allows anyone to login “as supervisor with no password”; you can then change the main admin password, access the account and “change the firmware”. In terms of advice, CSO comments that “it’s too easy to suggest” replacing older machines with new ones, but “the technology in recent models has advanced to the point where it is worth considering”.

Valentini highlighted HP Inc’s new PageWide machines that utilise the Sure Start technology to detect if a printer is “booting using the correct BIOS”, while Xerox launched a new feature in March that “uses encryption for all printing and scanning”, as well as automatically deleting print jobs when a printetr is powered up. She added that “we expect to continue to see more product releases from printer manufacturers and software vendors who are taking steps to better help organisations enable a secure print environment”.

Pingree concluded that it’s important to “see a printer for what it is – another server that is running an operating system and is open to attack”, meaning it needs to be secured. IT admins usually use their own credentials and set up printers, which could leave them open to hacking, and CSO wrapped up its article by stating that “there are too many options for attack […] it’s important to address any possible scenarios, even if the printer then resumes collecting dust”.

 

 

 

Don’t miss

2000x1000_Layout 1

Categories : Products and Technology

Tags : Printers Security USA

  • Mito September 2021 Web Advert
  • Aster Web ad October
  • Static Web ad July 2021
  • GPI Web ad October
  • GM Tech Web ad October
  • Armor May banner Ink
  • Apex web ad May 2021 version 2
  • Ninestar Big & Bold July 2021
  • IR Italiana Web ad January 2021
  • CTS Toner Supplies Web ad April 2021
  • ITP Web ad January 2021
  • Ohana July 2021 web advert
  • CET Web ad September 2021
  • HYB Web ad February 2021
  • PCL Web ad January 2021
  • Adter Recruitment Web ad April 2021
  • PW Dubai December Ad
  • CET Web ad September 2021
  • CTS Toner Supplies Web ad April 2021
  • PW Dubai December Ad
  • PCL Web ad January 2021
  • Ohana July 2021 web advert
  • HYB Web ad February 2021
  • Adter Recruitment Web ad April 2021
  • ITP Web ad January 2021
  • PCL Web ad January 2021
  • HYB Web ad February 2021
  • ITP Web ad January 2021
  • CET Web ad September 2021
  • CTS Toner Supplies Web ad April 2021
  • Ohana July 2021 web advert
  • PW Dubai December Ad
  • Adter Recruitment Web ad April 2021

The Recycler, Wittas House, Two Rivers, Station Lane, Witney, OX28 4BH, United Kingdom | Tel: +44 (0) 1993 899800 | Fax : +44 (0) 1993 226899
©2006-2021 The Recycler - Terms & Conditions - Privacy Policy including cookie use

Web design Dorset | Websites by Mark