Misconfigured Lexmark Printers Leave Organizations Potentially Open to Exploitation

In a recent report, over 1,000 Lexmark printers were discovered to have misconfigured settings that left the devices accessible to anyone on the internet. While a relatively low number, many of these printers were connected to business and educational organizations—and even government entities. Neither Lexmark nor the organizations involved have responded to the report as of the time of publication.

According to the report, the printers lacked passwords for their user interfaces, allowing any individual to enter the device’s IP address and access the UI. From there, the “attacker” can set up their own passwords to essentially take control of the printer. In a worst-case scenario, this exposed device could provide a backdoor into an organization’s network.

Misconfigured security settings for Internet of Things (IoT) devices are an all-too-common flaw. Both manufacturers and users often underestimate the impact of misconfigured devices, and many device manufacturers treat security as a low priority. However, many of the most devastating IoT attacks, including the Mirai and Persirai botnets, were so effective in part because of weak passwords and default security settings.

Users and organizations can avoid these incidents by implementing IoT security best practices, which include:

  • Replacing the default credentials with stronger ones

Always change the default credentials as soon as the device is put to use. A strong password adds a layer of security that makes the device more difficult for attackers to penetrate.

  • Proper implementation of security configurations

Many devices also come with security features. As with the use of stronger credentials, the proper configuration of built-in settings can provide additional security for connected devices.

  • Keeping device firmware updated

Weak credentials are not the only way an attacker can compromise connected devices. Often, cybercriminals can also exploit vulnerabilities in outdated device software. Most reputable device manufacturers regularly release updates that address these vulnerabilities. Ensuring that the device firmware is updated to the latest version minimizes the chance of vulnerability exploitation.
