Secured! Think Again About That Printer in the Corner

In many organizations the printers are used too often and in some it is collecting dust, apparently, it’s the best target that can be used as an attacking surface. There are countless companies who don’t bother about updating the firmware of their printers, leaving their documents open to attackers. The inventories like printers and others are not even discussed in annual security audits and are assumed to be useless in security aspects.

As printers are seemingly harmless, that’s the exact reason it poses a serious threat. Sometimes, the best attack vector for an attacker is the one to which no one bothers to think about. However, a recent IDC survey found that 35 percent of all security breaches in offices were traced back to an unsecured printer or multi-function device, costing companies $133,800 each year.

Why Companies Should Consider Printer as a Security Threat?

As printers are the essential inventories to business from small organizations to huge corporate level organizations and are ignored when it comes to vulnerability management and assessment. Enterprise security tools are only to protect computers and network; they often do not block or monitor access from the printers. That makes the printer a trouble-free approach to the attacker.

Chris Vickery, a white hat hacker and Security Researcher at MacKeeper said: “Getting control of a printer within an organization can provide a foothold for further attacks and a position to ‘pivot’ out of into networks”.

There are some serious effects if the printer gets compromised and used by attacker, like attackers can capture every document sent to the printer. It could be serious business intelligence comprise that no organization can tolerate.

Preventing Data Loss from Printers

It’s too easy to suggest one ultimate security tip to prevent such threat that includes the replacement of outdated printers with newer models that have some latest security features. Furthermore, Data encryption should be introduced to all latest printers to prevent data exposure if compromised. Although it has been adopted by Xerox in March 2016, other companies should also consider this feature to introduce with their products.

In the end, as IT administrators are responsible to configure printer and other multipurpose device in an organization, they should be aware of the threats associated with those devices so some serious countermeasures can be taken prior to the transmission of data.

Ehacking Staff
With more than 50 global partners, we are proud to count the world’s leading cybersecurity training provider. EH Academy is the brainchild of Ehacking, which has been involved in the field of training since the past Five years and continues to help in creating professional IT experts.

Most Popular

Blind SQL Injection Tutorial to Hack a Website

In the previous article, we have the basics of SQL Injection; what SQLi is and what are the types of SQL injection. And, In...

What is SQL Injection? Tutorial: Type and Example

What is SQL injection, and what are the types of SQL injection? These are the common questions, and we will seek the answer to...

Are Cisco 300-410 Exam and Its Related Certification Your Pathway to Career Success? Find Out about This

Introduction Career success can mean different things to different people. For some, it could mean having a prestigious title and for others, it could be...

How to Hack Windows 10 Password Using FakeLogonScreen in Kali Linux

This article demonstrates an in-depth guide on how to hack Windows 10 Passwords using FakeLogonScreen. Hacking Windows 10 password is an exciting topic and...