Copier Security Risk?
With all of the recent news about DDoS attacks and how they have impacted the World Wide Web, do I need to be concerned about a copier security risk on our network?
It was recently discovered that the DDoS attack that brought the internet to its proverbial knees was initiated by devices that were either attached directly to our computers or through our networks. Items such as webcams, wireless keyboards, mice, and even external speakers were to blame. Does this mean my office copier is a potential threat?
First, let’s face the fact that anything connected to our computers are a potential threat. If a hacker would like to exploit a device and has the gumption, they usually can and will succeed. This doesn’t mean that we can’t take precautions to limit our risks. Most “external” devices are manufactured with the ability to manage the item through an interfaced that may be accessed via a web management portal. This is usually the weak link and path to corruption for hackers.
Here are some quick tips to help secure these potential areas of threat:
- Change the default password. – The manufacturers of these devices present their products with “easy” access and management for the laymen to be able to make adjustments. This in itself is not a bad practice, however making the default password something that can be “cracked” in four guesses is!
- Whenever possible, communicate with these devices over an SSL connection. It’s one thing to have a secure password, but accessing the management pages over a non-encrypted connection is just careless. This will leave you wide open to compromise.
- Change the default port settings. This might not always be possible, but if it is permissible it’s a wise choice. If a hacker knows what port a device is using to communicate, it’s an easy path to a complete takeover.
- Disable remote communication. This might cause a little more heartache when needing to make adjustments, but if you only allow local access you may prevent an outside penetration.
The reality is that no one is 100% safe. Taking the time to understand how devices are managed and being able to make adjustments to a few simple rules will greatly reduce your risks. Network security is such a vital part of how we can prevent a hacker attack; it’s odd that we allow anyone to just add any device. The most important facet of security is due diligence. Take the time to have a protocol in place when adding new devices and most importantly how those devices may or may not communicate over the network.
Need more information? Contact us