Written by: Liraz Marcovici, Pre-Sales Manager, EMEA, Centerity.

Who thought that something ordinary as a printer can be that malicious? You will be surprised by what you’ll see and specifically the potential risk – even to your own salary.

Highlights

  • As we all use printers, we usually select them based on standard criteria; however, it appears we are missing the most important one.
  • Getting access to your internal network is a severe security risk creating an enormous potential opportunity for hackers around the world.
  • How can we fix something we are blind to that can happen behind our backs?
  • You have to be notified about critical events or misconfigurations and be able to automatically block any malicious devices or potential threats.

Why choosing a printer is not just a matter of ink?

Canon, HP, Epson, Brother. This is just a short list of the most popular printers. You and your company most likely own one of them if not a few. How did you choose the most reliable ones? Depending on the line of work and the business of the company, some of the main factors to consider will be price, service quality, printing volume & speed and perhaps color contrast.

However, since they are connected to your network, did you ever stop to think that besides those factors and feedback on forums, you will need to address something as critical as security protection? Think again.

Your printer is a threat!

Even if you review your paycheck on a regular basis with a magnifier to ensure all the numbers are correct, you need to be aware of the security breaches your printer is exposing you to. First, document theft or hijacking – a potential GDPR breach but also think about hijacking your paycheck and changing the numbers. Second, changing settings to alter and reroute the printer jobs and get valuable data. Third, printers exposuring your network via rogue device thus adding a new area of vulnerability.

What if, a hacker (internal or external) would find the first security breach and alter the numbers on your salary sheet? Instead of the real numbers, they would modify it and reroute the actual money to their bank account. How big of an impact would that be on your company? On your own salary as an employee or the entire company’s employees? Just think about the bad reputation or the potential financial damage to everyone.

Getting access to your internal network presents a severe security breach and vulnerability with an enormous potential threat from hackers around the world. Just read about “Stackoverflowin”1 to know the potential damage that could have done!

Protect your printer!

How can we fix something we are blind about and can happen behind our backs (and let’s just say we are not teachers)?

  1. Be notified about misconfigurations of devices and network, exposed assets & security postures and be alerted about malicious hardware and “uncontrolled” devices.
  2. Secure & Block – protect the “innocent” printers internally and externally by applying the relevant configuration (i.e., use complex password) and securing their USB interfaces. You can also validate the connection on the physical layer or generate “two-way” authentication, but the most important method is to identify and block any malicious device once discovered.

Conclusion

Now that we understand that choosing a printer is not just by the amount of ink it consumes. It can do much more than print expense receipts. It can facilitate a change to your (precious) salary and be a conduit to an even more critical organizational content. Centerity wants to offer a solution.

You have to be notified of critical events or misconfigurations and be able to automatically block any malicious device or potential threats. For this purpose, Centerity’s Cyber AIOps platform includes rogue device mitigation and observability modules. Centerity knows how to identify and block malicious hardware attacks as they happen, while keeping your printer’s configuration safe based on security best practices.

Want to protect your salary? Talk with us!

[1] https://www.cybersecurity-insiders.com/cyber-attack-launched-on-150000-printers-working-worldwide/

Did you know Hackers can reduce your salary