I read that hackers can infiltrate corporate networks through multifunction printers in one out of every two attempts....
Do you think that's true? How can we lower this risk? What controls can be put in place to prevent printers from being a risk?
Since I began performing security assessments nearly 15 years ago, I've seen numerous vulnerabilities in network printers and multifunction systems. Many people question why I list such vulnerabilities on security assessment reports, but they're indeed a business risk -- especially when Active Directory credentials can be obtained from them. It's almost always a default, weak or blank password on a Web or FTP interface that creates openings for attackers. And these vulnerabilities create a series of potential problems such as attackers not only being able to view print jobs and scanned images, but also being able to change system settings to effectively create a denial-of-service situation, which can be pretty detrimental to certain businesses.
Of course, someone has to be on your network to access these systems -- unless either the systems are Internet-accessible or the attacker has gained access through a poorly secured wireless network or other means. All it takes is one rogue employee or contractor to carry out such an exploit from the inside and you'll never know about it.
What should your organization do? Implement the same security basics we've known about for decades; be sure to change default passwords to strong passphrases, patch firmware, disable unnecessary Web and FTP services, and segment critical systems on the network.
Enterprises should also make sure they're performing vulnerability scans of printers and related systems on a regular basis with both a network vulnerability scanner and a Web vulnerability scanner. Just know that if vulnerabilities or Web interface workflows are exploited due to a weak password or other flaw, the scanner might end up changing the configuration of the system including the language, which can make it extra tricky to reconfigure.
Ask the Expert!
Perplexed about network security? Send Kevin Beaver your questions today! (All questions are anonymous.)
Just how vulnerable are network printers? Find out here
Learn more about embedded system security strategies
Dig Deeper on Network device security: Appliances, firewalls and switches
Related Q&A from Kevin Beaver
Compare host IDS vs. network IDS through the pros and cons of each, and learn how more modern systems may be better suited to ensure effective ... Continue Reading
Explore the differing roles of inbound versus outbound firewall rules for enterprise network security and the varying use cases for each. Continue Reading
Different tools protect different assets at the network and application layers. But both network and application security need to support the larger ... Continue Reading