Concerns raised amid claims of severe hacking flaws in HP Laserjets.
The Imaging Channel (TIC) has warned of the potential implication of lax printer security in the wake of a class action lawsuit against HP over a printer hack that can potentially lead to the printer being set alight.
A research team from Columbia University demonstrated how a printed tax return on an illicitly accessed printer could not only be sent to a different printer, but also automatically scanned for sensitive or critical information and published on social networking website Twitter.
Salvatore Stolfo, who headed the research at Columbia, commented: “Printers are just the tip of the iceberg when it comes to vulnerable embedded devices. Supposedly secure offices – even in sensitive government agencies – have networked teleconferencing devices, printers, even thermostats that create security risks”.
TIC listed DVD players, telephone conference tools and home appliances as devices that can connect to the internet unprotected, and remarked “as more and more devices have network capabilities, security becomes an ever-increasing issue” with an increasing number possessing capabilities to store information. They warn that “[printers] can be used as a gateway to the network and if unsecured, they can be damaging.”
“End users may not be aware of the potential hazards an unsecured printer could cause, but here is the opportunity for managed print providers to step in, secure the network and secure the customer.”