Vulnerable Printers a Gold Rush for Cyber-Terrorists

cyber securityThe Internet can lay bare thousands of unsecured printer hard drives lying exposed in various organizations. According to researchers, lack of security hygiene on the part of numerous organizations is currently being exploited by cyber terrorists and hackers to host malevolent code and dodge their tracks with the help of a new and secret techniques developed by them.

Unfortunately, today nothing is one hundred percent secure, as cyber criminals are always on the prowl to create new hacking methods to penetrate any kind of device.

Consumers and employees of an organization are constantly left exposed when specific software and hardware are used without proper IT security and protection are in place, thus allowing cyber criminals and hackers to gain access to confidential data and store malicious virus and codes in the system.

One such vulnerable device that is usually not on the radar of most IT admins and employees is the ubiquitous printer.

Printers that are at a risk for hard drive exploitation are ones that are connected to a network by the IT administrative department but do not have a firewall placed behind them, especially if port 9100 is left open. Of the many methods for printing is through port 9100.

Such vulnerable printers can be linked to potential victims if cyber criminals host malicious scripts and back pages on the printer. Similarly, the hackers can also host an executable elsewhere so that it can later be served through the WGET request (WGET is a computer program that retrieves content from web servers).

Small and medium organizations as well as large companies have printers that probably store a massive amount of internal storage space and if the port 9100 is not protected, it means that the organization is basically handing and analysts FTP server to cyber criminals on a platter. Printers can be excellent storehouses/vaults and sometimes this storage can be used to store illegal materials unknowingly.

Certain printer hard drives can be used to upload and interact with a few open source pieces of software over port 9100. Since large printers are usually online throughout the day and are powered up at all times, it can host files even in sleep mode.

Unfortunately, it is not a common practice to check the contents of internal hard drive and hence the odds of discovering a cybercriminal’s illegal materials in the printer are extremely low. Organizations and IT departments that leave their printers vulnerable to the Internet probably also do not have a logging system in place and hence the likelihood of a malicious actor being caught is almost negligible.

This issue can be effectively handled and any incident of hacking can be thwarted with two basic steps: IT departments must ensure that network connected printers are constantly behind an effective firewall with a securely closed port 9100.

Irrespective of printing protocols being used in an organization, it is important that the IT department manages printer configuration in order to check the print environment as a major step in preventing cyber-attacks. Every organizational printer has hundreds of settings including ports and protocols that could be an origin of vulnerability. Hence, it is important that IT departments protect their organizational printers by switching off unused ports and protocols and taking advantage of document security software that can help in providing a comprehensive security across printers and data at rest.

, , , ,