Sitting in the corner, sometimes collecting dust, is an overlooked attack surface.
By John Brandon
They sit off in the corner, some of them collecting dust. Yet, a printer is a legitimate attack surface. Many companies dont bother to update the firmware on older models, or dont include every model in a security audit (such as the one in the CEOs office everyone forgot about), or the organization assumes a hacker wont bother with an Epson or HP that is barely even connected to Wi-Fi.
Interestingly enough, because a printer is so innocuous and seemingly harmless, thats the exact reason it poses a threat, according to the security analysts who talked to CSO about this issue. Sometimes, the best attack vector for an attacker is the one no one bothers to think about. However, a recent IDC survey found that 35 percent of all security breaches in offices were traced back to an unsecured printer or multi-function device, costing companies $133,800 each year.
To read the entire article, please click here.
Source: http://www.csoonline.com/