Cyber defence – Could your printer the weakest link in your IT network?

You’ve spent a lot of time and resources securing your company’s networks and data. But many South African businesses are leaving a gaping hole in their cyber defences – and it’s not their remote devices or their employees. Your printers, copiers, and multifunction printers (MFPs) could be just the gap a hacker needs to access your systems.

Printers and MFPs are just as vulnerable to threats as any other connected device. But they’re among the most overlooked when it comes to security, says Anton Badenhorst, the COO of managed business services firm Itec SA.

“The risk associated with printers is higher than people think. Modern printers are sophisticated machines with open internet connectivity, hard drives, applications, and the ability to connect to any network. But we don’t think of them as technology, so we don’t secure them as we should,” says Badenhorst.

Given current trends in cybercrime, that’s a massive risk. According to the 2022 SHA Risk Review, one in three South African SME respondents had suffered a cyber-attack. More than half (53%) of SMEs who suffered ransomware attacks did not recover their data.

Just how vulnerable are printers? Last year, cybersecurity experts at Cybernews hijacked around 28,000 unsecured printers and forced them to print out a guide to printer security. In total, they found around 500,000 devices that they could target.

Printers are used by many people, and often contain significant amounts of data. This includes every document that’s printed, scanned, or sent from the device. But because they’re not seen as a risk, organisations often don’t take the necessary steps to protect them, says Itec SA specialist Jaco Berning.

One of the most obvious steps, and because it can give anyone access to the printer, is to change the default password to something strong and unique. However, it’s hardly ever done.

“Wireless printing further increases the potential attack surface for hackers. With Wi-Fi, hackers can conduct proximity attacks from outside the building. Once they gain access, they can connect the printer to a malicious network, reroute information and run a malicious code without anyone noticing,” says Berning.

Securing your printer fleet starts with a strong user authentication policy. It includes a comprehensive set of security features that allow only approved individuals to use and access the devices. These include data encryption on the hard drive, access control through passcodes and PINs, and the ability to disable unwanted and unused protocols, platforms, and ports.

“The bottom line is that your printers play a significant role in your organisation’s security. They hold sensitive information and provide an easy access point to your network. This makes them vulnerable to security breaches. It’s time to start thinking of them as the networked computers that they are – and to keep your business safe and secure in the process,” said Berning.