Embedded Web Server Printer, Copier, Scanner and Fax Security Threat

I bet you never thought your office networked printer, copier, scanner or fax contained a history of your activities and documents in an unsecured storage file … well it does!
Researchers and Hackers from Black Hat and DefCon showed a serious security threat to every office networked photocopier and network printer.
For the past 10 years or more all network photocopiers, printers, scanners and fax machines have an embedded web server built into them to make administering the devices easier and assist with routine service and maintenance.  These built in embedded web servers lack security, allowing access to recently scanned, copied or printed documents.  Hackers can easily find these Web Servers through scripts they write to recognize WEB Header fingerprints identifying the unprotected IP addresses for the copier, printer or scanner.  Once the address is known you’re into the embedded web server there’s no hacking required.

Another way to gain access to stored information on photocopiers, printers and scanners is directly through the companies network or directly through the USB or Ethernet port on the machine.  Data and documents can also be retrieved from old, broken or discarded machines either through their built in memory or in many cases Hard drive.

Tip:  When throwing away your old printer, copier, scanner or fax remove the motherboard, memory and hard drive if equipped to prevent theft of your stored data.  When dealing with fax machines you will also want to remove and destroy any fax printer film cartridge is so equipped as this cartridge also stores the information of your last 50-500 received faxes.

We live in the age of information and identity theft, corporations need to be especially vigilant with electronic equipment insure the safety and integrity of the data stored on such devices both when using the device as well as when disposing of it.

About these ads
This entry was posted in News and tagged , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s