A new research by Checkpoint, OfficeJet all-in-one inkjet printer can give hackers control of the printer and act as a springboard into an attached network environment. IT security experts commented below.
“This vulnerability is an excellent example of the porousness of the perimeter, and the need to enforce the principle of least privilege to all network services. When you have a fax machine – which literally can be accessed by nearly every person on the planet – connected to your internal network, it’s imperative to recognize this as part of the attack surface, and as a potential launching point for lateral movement. As this latest security research shows, the digitization of faxes allows attackers to take an analog signal, and pivot that into a digital attack. Security teams need to treat devices such as fax machines as untrusted, and to restrict the network access. Organisations should place these devices onto isolated network segments, and only permit controlled network connections to the device. These devices should not be granted broad network access or be permitted to initiate connections across the network. Since these devices may be used by many people as part of their job, any solution cannot impede business productivity.
“In addition to monitoring incoming faxes for unexpected content, security teams should monitor these multi-function fax machines for any anomalous behavior. In general, they should only be receiving inbound connections and not initiating connections across the corporate network.
“Have a security team ready to respond by turning off the machine! Of course, if an attacker has pivoted from the fax machine to other internal systems, a security team’s usual incident response process and team need to be applied to this. Fax machines should be placed on isolated network segments and be unable to connect to any other internal corporate resource. Work with your security team! Let them know if you have such a device on your network and cooperate with them to come up with an agreeable solution that’ll keep you productive while not putting the organization at risk.”
Bob Noel, Director of Marketing and Strategic Partnerships at Plixer:
“We live in a digital world where all business workflows have a digital footprint, and the constant stream of new vulnerabilities will never slow down. Any IP connected device on a network creates its own threat surface, including printers that double as fax machines, and IoT devices. In most cases they are provisioned onto the network as trusted devices, which means they are allowed to transmit any protocol or application across the network segments for which they have access. With so many threat surfaces, organizations must do two things to reduce their risk. First, they much transition to a model of zero trust. Devices should be provisioned in a least privilege model, where they are only allowed to communicate over the protocols and applications for which they are meant. Second, they must begin deploying network traffic analytics to scrutinize the traffic and look for patterns of malicious activity.”
ISBuzz Team embodies the collaborative efforts of the dedicated staff at Information Security Buzz, converging a wide range of skills and viewpoints to present a unified, engaging voice in the information security realm. This entity isn't tied to a single individual; instead, it's a dynamic embodiment of a team diligently working behind the scenes to keep you updated and secure. When you read a post from ISBuzz Team, you're receiving the most relevant and actionable insights, curated and crafted by professionals tuned in to the pulse of the cybersecurity world. ISBuzz Team - your reliable compass in the fast-evolving landscape of information security
To provide the best experiences, we use technologies like cookies to store and/or access device information. Consenting to these technologies will allow us to process data such as browsing behavior or unique IDs on this site. Not consenting or withdrawing consent, may adversely affect certain features and functions.
Functional
Always active
The technical storage or access is strictly necessary for the legitimate purpose of enabling the use of a specific service explicitly requested by the subscriber or user, or for the sole purpose of carrying out the transmission of a communication over an electronic communications network.
Preferences
The technical storage or access is necessary for the legitimate purpose of storing preferences that are not requested by the subscriber or user.
Statistics
The technical storage or access that is used exclusively for statistical purposes.The technical storage or access that is used exclusively for anonymous statistical purposes. Without a subpoena, voluntary compliance on the part of your Internet Service Provider, or additional records from a third party, information stored or retrieved for this purpose alone cannot usually be used to identify you.
Marketing
The technical storage or access is required to create user profiles to send advertising, or to track the user on a website or across several websites for similar marketing purposes.