Printers, like any other device, are vulnerable

Muyowa Mutemwa, a cyber security specialist and researcher at the CSIR.

Multifunction printers, particularly those with hard drives, present a risk to enterprise security, and it is relatively easy to access them and retrieve sensitive documents and information.

This is according to Muyowa Mutemwa, a cyber security specialist and researcher at the CSIR's cyber defence group.

Mutemwa pointed out that whether the printers are bought or leased, they are frequently disposed of with sensitive data still on the hard drives. They are also vulnerable to cyber attacks through unsecured network communications protocols and because users often neglect to create secure passwords.

Stepping up awareness

Speaking at the ITWeb Security Summit in Midrand this week, Mutemwa urged increased security awareness around the devices, as well as greater care in their decommissioning. Unsecured machines compromised confidentiality, he said, and could also be used to access information about users and the network itself.

He outlined vulnerability tests in which researchers had been able to retrieve deleted documents and ones that had been previously printed, despite them being encrypted. "Information that you print actually gets retained on the hard drive itself. Because printers are connected to the network, you can actually access the administrative consoles that are connected to these printers and test passwords to see if you can get onto the printer," he said.

"Typically, every MFP manufacturer has a list of security tools that come with these devices, but we found in our research that by default, most of these features were disabled when the devices were in use within organisations."

He added that researchers had collected the manuals and security guides for a range of common printers, and found most of them contained default usernames and passwords. By searching online for the device's IP address, researchers had also been able to find the location of some of the devices and even access the admin login screen on some devices.

Hackers could also explore other devices, as well as users on the network.

Mutemwa said the management and disposal of the devices had to be approached more securely. The hard drive should be overwritten three times, or stored, or physically destroyed, which should reduce the risks of sensitive data falling into the wrong hands.
