Report Says Hackers Now Targeting Office Printers

2011-01-31 08:30:11

Published on 2011-01-31 08:30:11

In the past, one of the main concerns when using a printer at work used to be whether you had enough ink cartridges to finish the job you're on, or that always frustrating moment when the paper gets jammed inside.

But now if you buy a printer for the office – especially a modern one with email capacity and what-not, you've a rather more serious problem on your hands: hacking.

According to The Massachusetts Institute of Technology's (MIT) Security Review, new research demonstrates how cyber criminals are able to exploit printers to gain access to a company's computer network.

Deral Heiland, an independent security consultant, says it is exactly the plethora of enticing features printers now offer – sending email, browsing the web – that is making them a target for hackers.

"These devices have gone from being standard, simple printers that got on the network to the point where they are totally integrated in the business environment," he told MIT's Security Review. "And that heavy integration is what makes them a premium target."

There is a program called "Praeda" – which is Latin for plunder – that takes advantage of common security lapses to gain access to company printers from outside the network.

Mr Heiland explained that since some printer manufacturers do not make it compulsory for users to set up a new password to access their device, a default password is used instead.

But that default password can easily be found – it will be in most online printer manuals. Once the program enters a network in this way, it can steal more passwords, accessing more devices, and so on, and so on.

So when you next fire up the office printer – don't make checking the toner cartridge level your first job, change your password!

Posted by Canzil Ahmed.

« Return