How Printers, Copiers, and Other Office Equipment Can Become Cybersecurity Risks
You may have a security hole sitting in the corner. Yes, it's the innocuous office printer.
Modern printers are multifunction devices—printing, scanning, copying, even fax & email. How do they do that? By connecting to your network.
What does every device that connects to a network need? Cybersecurity protections.
How many printers receive those protections? In our experience...almost none.
Multifunction printers have three components vulnerable to cyberattack:
- A printer operating system. In August, researchers discovered vulnerabilities in six major brands' printers.
- An internal hard drive. Yes, most printers have those. They store the data you send to the printer, and all the confidential documents you scan & fax. This makes each printer a repository of confidential company data.
- A default password. Almost all the time, nobody changes this from what the manufacturer set. Cybercriminals already know those passwords.
This holds true for copiers, scanners, and other standalone office equipment too. Did your IT team secure all of them?
Chances are the answer's no. So let's practice good Cyber Fu and take care of these potential risks right now:
- Secure the printer's network access. Treat it like another workstation.
- Change the printer's default password. Use the same password approach you would for workstations. (Don't worry, the computer needs to remember it; you don't.)
- Keep printer software up-to-date, both on your computers (drivers) and on the printer itself (firmware).
- Never throw a printer in the trash. Always e-waste it and make sure they destroy the internal hard drive, so nobody can swipe the data later.
Do you have a cybersecurity question you want answered? Send it in to firstname.lastname@example.org and it may show up in our next "Cyber Fu Tip."