Your office printer could pose a major security risk


A security expert from Bitdefender has been speaking about the shaky security of connected devices and the Internet of Things in general, as well as the piece of hardware which leaves users most vulnerable to attack.

The company's senior e-threat analyst Bogdan Botezatu said that the device category you might expect to represent the largest potential security hole, namely routers, isn't the biggest concern – for him, it's the printer.

In an interview, Botezatu told the Register: "We get a lot of telemetry in our vulnerability assessment labs. The router is no longer the worst device on the internet. It's now the printer."

He noted that routers were indeed still a big issue (particularly around the smart home), but that printers eclipsed them with many offering 'public shares that are visible to the internet – because lots of home users also leave their routers too close to default configuration.'

Naturally, he didn't name any particular vendors or models of printer.

Default danger

Default settings are, of course, often to blame when it comes to leaving defences open with connected devices.

Earlier this year we saw that HP LaserJet printers which have on-board storage for large print jobs used a default setting which put up an FTP server on port 9100 – and if users didn't protect said port, it could be easily exploited by hackers.

(HP did inform us at the time that its enterprise-class LaserJet printers announced a year ago were beefed up with protection against malicious attacks with features like HP Sure Start and run-time intrusion detection).

At any rate, your printer is certainly a security issue well worth considering, and Botezatu further bemoaned IoT security in general, including the likes of connected white goods, observing that once a manufacturer stops updating its smart fridge, consumers have a potentially worrying issue on their hands.

Particularly when 'dumb' goods no longer exist and we all have smart appliances in our kitchens by default, so to speak…

Darren is a freelancer writing news and features for TechRadar (and occasionally T3) across a broad range of computing topics including CPUs, GPUs, various other hardware, VPNs, antivirus and more. He has written about tech for the best part of three decades, and writes books in his spare time (his debut novel - 'I Know What You Did Last Supper' - was published by Hachette UK in 2013).