Few people place printers on their list of devices vulnerable to hacking, even though they have the same internet connection capabilities as any other smart gadget on the local network. This connectivity turns these devices into an attack vector that could let hackers roam free on your LAN.
Zakir Hussain, Director for BD Software Distribution Pvt. Ltd says, if you search for printing devices exposed to the public internet, you’d find thousands; and the chances are that many are poorly or fully unprotected against external access. Printing systems are the only ones that bring digital documents into our palpable world, and the type of information they handle ranges from business-related communication to financial and personal details. Simply put, printers process details you don’t want to fall into the wrong hands.
Freelancers in the accounting, financial, medical or legal consulting line of work rely on these devices to do their job and they often lack the technical skills to choose and deploy intrusion detection/protection systems that detect and block threats on the network.
A hacker compromising their printing systems would hit the jackpot, getting access to documents belonging to clients to help prepare a much more effective attack against targets with deeper pockets. The success of a spear-phishing operation depends on the quality of the information at hand, and business documents are a valuable asset.
Web attackers could steal this information, but researchers have shown that it is also possible to feed printing jobs without authorization or even worse, manipulate the print jobs so that the result on paper is different than the original source.
Furthermore, hackers can use printers as the initial point of intrusion that allows them to hop to other gadgets on the network and exploit vulnerabilities there. Depending on the motivation and skills of the attacker, they could take control of the network and everything that passes through it.
Hardware security solutions that monitor and protect the network are no longer reserved for corporate premises as solutions are now available for home users too. The solutions include a wide array of defenses against threats to your network, while pointing out the devices that suffer from known vulnerabilities and weak password protection. Its better to be safe than sorry....