Critical.
Authoritative.
Strategic.
Subscribe to CIO Magazine »

Black Hat: Embedded Web servers open printer, scanner security holes

It's fairly simple to find corporate or consumer printers and scanners online and, without breaking into them, get a hold of documents that these devices recently processed

It's fairly simple to find corporate or consumer printers and scanners online and, without breaking into them, get a hold of documents that these devices recently processed.

It can be done because "there are embedded Web servers that come in hardware devices," says Michael Sutton, vice president of security research at Zscaler Labs, who will present his research at next week's Black Hat Conference. The embedded Web servers in "photocopiers, printers and scanners are there for the purpose of ease of administration," but the functionality is not hardened, the devices are available directly through the Internet, and often they aren't password-protected, he says.

MORE ON SECURITY: The 5 biggest IT security mistakes

In his research, Sutton says he discovered he can easily find these printers, scanners and photocopiers, including those made by HP, Ricoh and Sharp, out on the Internet, and simply use the available features "to remotely retrieve anything recently photocopied, such as download a PDF copy of it."

He said he's able to find this equipment with its embedded Web servers through scripts he wrote to scan huge blocks of IP addresses to recognize certain tell-tale Web header fingerprints. "There's no breaking-in required," Sutton adds.

He says the reason he's highlighting the risks is because "I want enterprises and consumers to recognize that an embedded Web server is a Web server and you've got to shut off some features," adding, "it's like a public Web server." Features should not be enabled by default, nor used without password protection. But he notes many people probably are unaware these embedded Web servers are even there in these printers, photocopiers and scanners.

Read more about wide area network in Network World's Wide Area Network section.

Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.

More about: Hewlett-Packard, HP, LAN, Ricoh, Sharp
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the CIO comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: peripherals, ricoh, scanners, security, sharp
Latest Blog Posts
Whitepapers
  • HP Imaging and Printing Services
    According to Gartner, a major focus for organisations today and in the foreseeable future is shifting from cost reduction to growth, expansion, innovation, and operational excellence. If your organization is serious about driving growth and innovation and improving customer experiences, you’ll find that a well-managed imaging and printing environment is key to these goals. A growing number of organizations are turning to services as a means of integrating imaging and printing into their overall IT infrastructure strategies. It may be one of the fastest ways to continue to drive down costs, fund innovation, and prepare your organisation to capitalise on future opportunities. Read more.
    Learn more »
  • Simplifying branch office security
    Securing your business network is more important than ever. Malware, botnets and other malicious programs threaten your network—at your central offices and your branch offices alike. Yet enforcing consistent network security throughout your enterprise can be challenging—especially for those of you with branch offices with few users and no IT expertise. This paper introduces a new standard—an innovative, unified, cost-effective solution for managing branch office security, with centralised reporting and a clear process for determining return on investment (ROI).
    Learn more »
  • Spear Phishing Attacks - Why they are successful and how to stop them
    There's been a rapid shift from broad, scattershot attacks to advanced target attacks that have had serious consequences for victim organisations. The increased use of spear phishing is directly related to the fact that it works, as traditional security defences simply do not stop these types of attacks. This paper provides a detailed look at how spear phishing is used within advanced attacks and the key capabilities organisations need in order to effectively combat these emerging and evolving threats.
    Learn more »
All whitepapers
rhs_login_lockGet exclusive access to Invitation only events CIO, reports & analysis.
Recent comments