Print in the Channel – issue #20

COVER STORY

Multifunction printers: the cybersecurity risk, and how to mitigate it While global cybercrime costs may seem far removed from day-to-day business operations, they underscore a crucial point: connected devices, including multifunction printers (MFPs), represent a key vulnerability in modern workplaces. Once just simple office tools, MFPs have evolved into hubs for sensitive data, often relatively poorly protected, making them prime targets for hackers. This risk is especially pronounced in hybrid work environments where devices are accessed from less secure networks.

The threat is real: in the UK alone, businesses face an average cost of

Key security threats of MFPs While MFPs have become indispensable tools in modern workplaces, their integration into business workflows can hide potential risks: l Unauthorised operations by other users When people access an MFP, there’s a chance that sensitive documents or data on the device could be compromised or tampered with. Unauthorised individuals might print documents, weaken security settings, or steal data. It’s like leaving a filing cabinet unlocked in a public space, inviting potential breaches of confidentiality. l Eavesdropping and tampering of communication data The connected nature of MFPs makes them vulnerable to network attacks. Data sent between the printer, PCs, file servers, or other network parts can be intercepted or altered if not properly protected. This can lead to data breaches, malware infections, and unauthorised access to

£25,700 per cyberattack, with one in five businesses experiencing a cyber incident in the past year, according to the Hiscox Cyber Readiness Report 2023 . Globally, the situation is even more alarming – by 2025, the cost of cybercrime is expected to reach $10.5 trillion annually (approximately £8.4 trillion), highlighting the growing impact of cyber threats on businesses. To put this in perspective – that’s more than three times the UK’s entire GDP in 2021. This staggering figure, underscores the urgent need to address security vulnerabilities in our connected devices, specifically MFPs. Why MFPs are at risk Modern MFPs are deeply integrated into business operations, but with this integration comes significant cybersecurity risks. If compromised, the effects can be severe – ransomware may halt operations, or data breaches could expose confidential information, leading to financial losses and reputational damage. The UK Government’s Cyber Security Breaches Survey 2023 shows that networked devices, like printers, often play a role in company breaches. The cost of these incidents can be substantial – especially for larger organisations – emphasising the urgent need for enhanced security measures across all business technologies.

sensitive information. l Software tampering

Software vulnerabilities can undermine an MFP's security features. Hackers might modify the software to create backdoors, enabling data theft or unauthorised control of the device. The printer could even be used to launch further attacks within the network. l Data breach caused by mistakes of users Human error is unpredictable but common. Even with strong security measures, mistakes can lead to data breaches. Misconfigurations, weak passwords, or