Are unsecured printers making your IT networks vulnerable to attack? How much money does your business spend on IT security? On average, companies spend around 10% of their IT budget on security. But are they missing something?
An unprotected printer can give an intruder access, not just to your printer files and logs, but to the whole network and everything on it, making your business vulnerable to a cyber attack or data breach.
Using an unsecured printer, a threat actor can gain bypass the firewall and gain access to your network using an unsecured printer, without even setting foot inside of your business.
You see, a simple piece of malware hidden in a document sent to print can enable the threat actor to access all of your network and everything on it.
Don’t fall into the trap of thinking that your company wouldn’t find itself a target. Motivations can vary. They could be financial, vengeful, or even to get a competitive advantage.
In some cases the motivation may be nothing to do with the victim. In 2016 a high-profile cyberattack orchestrated by a hacker known as ‘Weev’, Princeton, Berkeley, and the University of California among others. The hack resulted in thousands of printers and fax machines spewing out anti semitic propaganda. The hacker bragged that this was the first instance of mass printer trolling and, it certainly wasn’t the last.
Just last year a hacker discovered 500,000 printers on a search engine for Internet of Things devices and, downloading a simple hacking program available online, he sent messages to print promoting the You Tube channel PewDiePie on half a million printers around the world.
There are certain measures you can take that can help to secure your network and close any potential access points that your printer may create. However, you need expertise and a regular and reliable approach to ensure that all of your printer firmware is kept up to date.
Alternatively, you could use a specialist printer management services like ours, that will ensure that patches are updated on all your printers as and when they become available, that passwords are changed and managed effectively and all the other general best practice measures are taken.
Our specialist maintenance and technical teams can configure your printers to harden the potential attack surface, reducing the opportunity for attack.
We can also enhance printer security by using print release from your existing ID cards or limiting how a user can print.
Of course, if you have a malicious threat actor within your business, then by downloading some simple instructions to the printer bios, a cybercriminal can access all of your printing logs, some of which is likely to contain confidential and possibly even personally identifiable information.