I read that hackers can infiltrate corporate networks through multifunction printers in one out of every two attempts....
Do you think that's true? How can we lower this risk? What controls can be put in place to prevent printers from being a risk?
Since I began performing security assessments nearly 15 years ago, I've seen numerous vulnerabilities in network printers and multifunction systems. Many people question why I list such vulnerabilities on security assessment reports, but they're indeed a business risk -- especially when Active Directory credentials can be obtained from them. It's almost always a default, weak or blank password on a Web or FTP interface that creates openings for attackers. And these vulnerabilities create a series of potential problems such as attackers not only being able to view print jobs and scanned images, but also being able to change system settings to effectively create a denial-of-service situation, which can be pretty detrimental to certain businesses.
Of course, someone has to be on your network to access these systems -- unless either the systems are Internet-accessible or the attacker has gained access through a poorly secured wireless network or other means. All it takes is one rogue employee or contractor to carry out such an exploit from the inside and you'll never know about it.
What should your organization do? Implement the same security basics we've known about for decades; be sure to change default passwords to strong passphrases, patch firmware, disable unnecessary Web and FTP services, and segment critical systems on the network.
Enterprises should also make sure they're performing vulnerability scans of printers and related systems on a regular basis with both a network vulnerability scanner and a Web vulnerability scanner. Just know that if vulnerabilities or Web interface workflows are exploited due to a weak password or other flaw, the scanner might end up changing the configuration of the system including the language, which can make it extra tricky to reconfigure.
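As an added example (not part of the original answer), the sketch below shows one way to turn routine scan output into a check of the controls described above: it reads Nmap grepable (`-oG`) results and flags printer-like hosts that still expose Web or FTP services or that sit outside the printer network segment. The segment `10.20.5.0/24`, the hostnames, the port heuristic and the sample scan lines are all assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumption: printers are supposed to live only in this dedicated segment.
PRINTER_SEGMENT = ipaddress.ip_network("10.20.5.0/24")
# Services the answer says to disable when they are not needed.
RISKY_PORTS = {21: "FTP", 80: "Web (HTTP)", 443: "Web (HTTPS)"}
# Heuristic (assumption): raw print, LPD or IPP open means "this is a printer".
PRINT_PORTS = {9100, 515, 631}

# Constructed sample in Nmap grepable (-oG) format; not real scan data.
SAMPLE_SCAN = """\
Host: 10.20.5.11 (mfp-floor2)\tPorts: 21/open/tcp//ftp///, 80/open/tcp//http///, 9100/open/tcp//jetdirect///
Host: 10.20.5.12 (mfp-floor3)\tPorts: 21/closed/tcp//ftp///, 443/open/tcp//https///, 9100/open/tcp//jetdirect///
Host: 10.1.8.40 (mfp-finance)\tPorts: 80/open/tcp//http///, 631/open/tcp//ipp///
Host: 10.1.8.41 (fileserver)\tPorts: 445/open/tcp//microsoft-ds///
"""

HOST_RE = re.compile(r"^Host: (\S+) \((.*?)\)\tPorts: ([^\t]*)")

def open_ports(ports_field):
    """Return the set of open TCP ports from a grepable 'Ports:' field."""
    result = set()
    for entry in ports_field.split(","):
        parts = entry.strip().split("/")
        if len(parts) >= 3 and parts[1] == "open" and parts[2] == "tcp":
            result.add(int(parts[0]))
    return result

def audit(scan_text, segment=PRINTER_SEGMENT):
    """Map each printer-like host to its list of findings (empty if clean)."""
    findings = {}
    for line in scan_text.splitlines():
        m = HOST_RE.match(line)
        if not m:
            continue
        ip, name, ports = m.group(1), m.group(2), open_ports(m.group(3))
        if not ports & PRINT_PORTS:
            continue  # not a printer by the heuristic above
        issues = [f"{RISKY_PORTS[p]} service open on port {p}"
                  for p in sorted(ports & set(RISKY_PORTS))]
        if ipaddress.ip_address(ip) not in segment:
            issues.append(f"outside printer segment {segment}")
        findings[f"{ip} ({name})"] = issues
    return findings

if __name__ == "__main__":
    for host, issues in audit(SAMPLE_SCAN).items():
        print(host, "->", "; ".join(issues) or "no findings")
```

An open Web or FTP port is a prompt to confirm the service is needed and that its default password has been changed; the script does not test credentials.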
Ask the Expert!
Perplexed about network security? Send Kevin Beaver your questions today! (All questions are anonymous.)