{"id":52602,"date":"2017-01-26T09:14:13","date_gmt":"2017-01-26T14:14:13","guid":{"rendered":"http:\/\/cloudtweaks.com\/?p=52602"},"modified":"2022-07-08T06:33:24","modified_gmt":"2022-07-08T10:33:24","slug":"printers-help-hackers-hide-plain-sight","status":"publish","type":"post","link":"https:\/\/cloudtweaks.com\/2017\/01\/printers-help-hackers-hide-plain-sight\/","title":{"rendered":"How Printers Help Hackers Hide In Plain Sight"},"content":{"rendered":"

Printers and Hackers<\/h1>\n

Spies and thieves often do their best work by hiding in plain sight. No one suspects the person sipping coffee at the table across from you in the coffee shop \u2013 the one who happens to be reading your computer through the unsecured Wi-Fi. No one ever thinks that the PIN they enter at the ATM or debit card terminal is being watched by someone a few feet away. Few people consider the danger of including their real birthdate when opening a membership online. And certainly no one ever suspects the printer of anything at all except occasionally needing paper.<\/p>\n

But these are all examples of how we use technology daily to solve our immediate concerns without additional thought. Life would be very hard without Wi-Fi, ATMs and printers. Their roles are as quiet, subservient support technologies. They are the discreet butlers of our digital lives. No one ever suspects the butler.<\/p>\n

It is for that reason \u2013 that lack of diligence \u2013 that printers have become the gaping hole in the wall of cybersecurity. Companies spend billions of dollars annually seeking to protect networks and ensure that computers are safe and virus free. But few people pay attention to the silent peripherals.<\/p>\n

<\/p>\n

Decision makers seldom hear about hacks through printers. To the average, honest working person, they are simply output devices. But to the wearers of the black hats, they are willing and compliant access points, not only to a company’s existence, but beyond, to everything that company is connected to, out there on the internet.<\/p>\n

The most infamous DDoS attack in recent memory happened on October 21, 2016<\/a>, when a brand of malware called Mirai brought Netflix, Twitter, Amazon and others to a crawl. Experts believe this Malware<\/a> made its entrance through an unprotected Internet of Things (IoT) device like a printer, a router or a camera. These are devices that are seldom protected by vigorous passcodes and anti-hacking<\/a> tools. They’re just simple devices after all.<\/p>\n

But this is where innocence and naivet\u00e9 have no place. The belief that such devices are low risk, having little value to hackers, is fatally incorrect. To remain unaware of just how a sophisticated hacker can use an unsecured printer to access the network is precisely the type of thinking that can bring companies down. To forget just what lives inside a printer \u2013 images of documents, user credentials \u2013 is downright dangerous.<\/p>\n

Get Everything and Everyone into the Audit<\/h2>\n

Every device, no matter how innocent looking, must be included inside a rigorous and regular security audit, must be monitored regularly, and must be brought up to speed in terms of security software. If a device can communicate, if it has a computer inside, no matter how small, it can be compromised.<\/p>\n

The people who use these devices must be trained in the same type of hygiene that they currently (hopefully<\/em>) apply to their network passwords and laptops. There must be a mechanism to enforce policies.<\/p>\n

It’s Not Just External Spies<\/h2>\n

Printer security does not end with shoring up the software. Companies must also consider the people on the inside who are using these devices daily.<\/p>\n