According to a recent report issued by Pwnie Labs, wireless device security vulnerabilities are not being addressed by enterprises even though many wireless devices can be used as backdoors into corporate networks.
If wireless printers and access points are not secured, hackers can easily use them to gain access to internal networks. Many organizations invest heavily in security defenses but forget to change the default configurations on their wireless printers. Pwnie Labs researchers ascertained that more than half of wireless devices (56%) used by enterprises are HP printers. When default settings are not changed, the devices can be used as a backdoor into corporate networks. HP printers were found to be the most commonly open wireless network, while 35% of wireless access points either did not use encryption or security defenses were found to be particularly weak.
Plugging wireless device security vulnerabilities is not always straightforward. Organizations need to change the default password on the devices, yet many do not do so because it causes connectivity problems. However, if wireless device security vulnerabilities are not addressed they could allow hackers to bypass an organization’s security defenses and gain access to internal networks.
Wireless Device Security Vulnerabilities Are Being Exploited by Hackers
A recent survey conducted on 400 IT security professionals showed that 55% of respondents had already witnessed a cyberattack via wireless devices. 86% said that they were concerned about wireless device security vulnerabilities.
Pwnie Labs found that many wireless printers are left with default settings active, although some do not even have a username and password set allowing anyone to connect. If the wireless printer is hardwired to an Ethernet network, gaining access to the printer via Wi-Fi could allow a hacker to also gain access to the network to which the printer is connected.
The devices are designed to make connection as easy as possible, and this feature can all too easily be exploited by attackers. If an attacker sets up a malicious access point and used the same SSID as that used by the manufacturer to configure the printer, the printer could automatically connect to that network.
To prevent this, remove open wireless networks from the preferred network list on the printer. Alternatively, ensure that the printer does not automatically connect to open wireless networks.
If a wireless printer is used as a network printer via an Ethernet connection, it is essential to disable Wi-Fi functionality to prevent the device from being used as a wireless bridge to the wired network. If there is no need for a wireless printer to be hardwired to a network, ensure that it isn’t and use strong encryption to connect wirelessly to the device.
Printers are not the only devices that can be used in this fashion. All devices with wireless functionality must be subjected to a full risk assessment. If wireless networks are not used by an organization, devices with wireless capability must have the function disabled. If wireless networks are in use, all devices must be carefully configured to reduce the risk of attack.