With hacking on the increase, security measures need to be checked in case an office happens to have a Hewlett Packard Enterprise Co (NYSE:HPE) LaserJet Commercial series printer.
Famous security researcher Chris Vickery has disclosed that HP LaserJet printers can be easily be taken advantage of by hackers. He discovered that the hard drives of HP Laser Jet Printers can be utilized as a surreptitious data storage unit by cyber criminals due to the existence of a default setting that can launch an FTP server through one of the ports.
This specific setting is usually part of HP Laser Jet’s business grade printers. It permits company personnel to store large amounts of data on the printer while printing.
The upload and download operations placed on this anonymous FTP server are done through port 9100. In the event that a system administrator forgets to secure the printer with a firewall or if it has an IP address that is publicly accessible then it is very easy for a malicious player to access the printer via port 9100 and use it as a surreptitious storage device to host malicious content.
It is possible to save and access such content without alerting the organization or any of the personnel. Also, it’s likely that the hacker’s will remain unidentified as the only evidence of such an activity that is left is contained in network logs. But few system admins scan for traffic that goes in and out of a printer.
As Vickery says, this type of printer is normally switched on and remains online the whole day. Even if the device is put in sleep mode, it still hosts files. According to him, the chances that any activity of this sort would be detected is remote.
Vickery advises that if one possesses such a printer to ensure that port 9100 is not open, and that printers are protected by a firewall. If one had been earlier unprotected then after taking preventive measures, he suggests examining the content on a printer’s drive as a precautionary step.