Few things are more ubiquitous in an office environment than printers. Of course, these days, most printers are much more than simply that. They can also scan, copy and even send emails. As such, they've become an increasingly attractive option to hack, according to the latest data released by Barracuda Networks.
The reason is simple. Most printers aren't as well protected as PCs and other devices on your network. They're the weak point in your company's defensive armor.
The upsurge in this type of attack seems to be focused on Cannon, HP and Epson printers, and works like this:
A printer is compromised and used to send spoofed scanned attachments, usually bearing an innocuous subject line such as "Scanned From HP," "Scanned from Epson" or "Scanned from Cannon."
Most employees don't think twice about opening such attachments because they appear to be from a legitimate source inside the company, which is, of course, exactly what the hackers are counting on.
While any sort of payload can be delivered in this manner, the most common strain found installs a back door on the target PC, allowing the hackers to:
- Monitor behavior and log keystrokes
- Change computer settings
- Copy files
- Access other connected systems
- And more.
In a clear indication that the malware could be used to launch a ransomware style attack, it also gives the hackers the ability to replace the PC's wallpaper with any file they choose.
Employees should be more mindful about this type of attack and always double check to make sure the sender is valid. Also, it's important to hover over the links embedded in such emails in order to be sure they're valid before clicking on them.
If you haven't been on the receiving end of an attack like this yet, count yourself lucky and stay vigilant.