You may have heard about recent reports of network hackers gaining access to multifunction printers, causing headaches for IT and cyber security personnel. These stories in the news are creating a lot of noise in the industry, overstating the risks of having a printer or MFP installed within an organization’s network. Although the vulnerabilities could be a cause for concern, multifunction printer hacks are relatively harmless, causing incidents such as an MFP to “lock up” using denial of service and brute force attacks. This type of action would require an exceptional, concerted effort by a person within the firewall of an organization to attack a specific multifunction printer. Typically, a person who wanted to do cyber harm within a corporation wouldn’t spend this type of effort to attack a printing device.
It is important to understand that these perceived network vulnerabilities can only be taken advantage of from within a company’s network environment. This means that the network hacker would need to be a company or organizational employee with private network access. The devices are not vulnerable from outside the firewall or from the Internet – unless the network is vulnerable to external attacks. If that is the case, the multifunction printer should be the least of an organization’s worries. Obviously, the first course of action must always be to secure the network.