Printers should be segregated from the rest of the network

Printers should be segregated from the rest of the network

When it comes to security risks for networks, hardly anyone will think of a printer as an existential threat to an organization.

However, multiple cases proving that printers, and other IOT devices can act as Trojan horses have surfaced over the last couple of years.

There are probably multiple reasons why this is happening, and most of all and the most prominent one being that the complexity of such devices increases significantly.

I am not going to bore you to death about all of the different thread factors resulting from printers, and other devices. However, it is important to understand that the threat directors are not only the network connectivity by itself; this merely acts as a necessary evil.

One of the most interesting infiltrations I witnessed was through the fax modem of a printer, which acted as a way to upgrade/hack of the printer firmware, which in turn made it possible for attackers to update, and modify the device in such a way that they could access the network the printer was connected to remotely.

Hey similar hack was demonstrated with IP telephones; those fancy ones we all know from the TV show 24 with the infamous Jack Bauer ringtone.

In this case it was proven that the phone could be used as a remote listening device, without the user of the telephone being aware that they were eavesdropped upon.

So, why in hell is your printer still connected to your conventional, corporate network Potentially granting it access to sensitive data, and critical infrastructure of your organization?

Going into detail about the possibilities of isolating printers in different network segments, thereby making it significantly harder for attackers to exploit sensitive data, would probably kill this article

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.