I bet you never thought your office networked printer, copier, scanner or fax contained a history of your activities and documents in an unsecured storage file … well it does!
Researchers and Hackers from Black Hat and DefCon showed a serious security threat to every office networked photocopier and network printer.
For the past 10 years or more all network photocopiers, printers, scanners and fax machines have an embedded web server built into them to make administering the devices easier and assist with routine service and maintenance. These built in embedded web servers lack security, allowing access to recently scanned, copied or printed documents. Hackers can easily find these Web Servers through scripts they write to recognize WEB Header fingerprints identifying the unprotected IP addresses for the copier, printer or scanner. Once the address is known you’re into the embedded web server there’s no hacking required.
Another way to gain access to stored information on photocopiers, printers and scanners is directly through the companies network or directly through the USB or Ethernet port on the machine. Data and documents can also be retrieved from old, broken or discarded machines either through their built in memory or in many cases Hard drive.
Tip: When throwing away your old printer, copier, scanner or fax remove the motherboard, memory and hard drive if equipped to prevent theft of your stored data. When dealing with fax machines you will also want to remove and destroy any fax printer film cartridge is so equipped as this cartridge also stores the information of your last 50-500 received faxes.
We live in the age of information and identity theft, corporations need to be especially vigilant with electronic equipment insure the safety and integrity of the data stored on such devices both when using the device as well as when disposing of it.