Technology
Turns out your office printer is a huge cybersecurity risk
Consider the office printer.
Massive, hulking things — the devices looming in the corner of workplaces around the world have come to represent untold hours of frustration in the form of printer jams and toner problems. According to security researchers set to present their findings this Saturday at the DEF CON hacking convention in Las Vegas, they also happen to be a cybersecurity nightmare.
Daniel Romero Pérez and Mario Rivas Vivar, researchers at NCC Group, announced the discovery of major vulnerabilities on Thursday in name-brand printers made by the likes of Xerox, HP, Lexmark, Kyocera, Brother, and Ricoh. NCC Group shared some of the researchers’ findings with Mashable ahead of the aforementioned Aug. 10 talk, and they’re enough to elicit serious double take.
“These flaws could be used by criminals as to gain long-term backdoor access into companies for possibly years on end, allowing them to come and go as they please, undetected, stealing sensitive data,” a spokesperson explained to Mashable over email. “What’s more, criminals can spy on every print job and even send documents being printed to themselves or other unauthorized third parties.”
Which — considering the type of data important enough to require a backup hard copy —doesn’t sound good.
Interestingly, this announcement follows news that a Russian hacking team exploited unchanged default passwords in office printers this April in an attempt to gain access to sensitive corporate info.
Thankfully, Pérez and Vivar were able to get in touch with the six manufacturers in question and “most of the issues” they discovered have been patched — albeit in the case of an unnamed few companies, it took months of effort to reach them.
Unnervingly, the two researchers found “high risk issues” in all six of the printers they tested.
“We stopped searching after a few vulnerabilities,” notes a slide from their forthcoming presentation. “There are probably more.”
It seems that, even in an online world, relics from the time when paper reigned supreme can still bite you in the ass. You’ve been warned.
-
Entertainment6 days ago
What’s on the far side of the moon? Not darkness.
-
Business7 days ago
Thoma Bravo to take UK cybersecurity company Darktrace private in $5B deal
-
Business7 days ago
How Rubrik’s IPO paid off big for Greylock VC Asheem Chandna
-
Business6 days ago
TikTok faces a ban in the US, Tesla profits drop and healthcare data leaks
-
Business5 days ago
London’s first defense tech hackathon brings Ukraine war closer to the city’s startups
-
Business7 days ago
Photo-sharing community EyeEm will license users’ photos to train AI if they don’t delete them
-
Entertainment6 days ago
How to watch ‘The Idea of You’: Release date, streaming deals
-
Entertainment5 days ago
Mark Zuckerberg has found a new sense of style. Why?