So your copier gets hacked!

**SalesServiceGuy** · 12-22-2023

It is not uncommon for copier service providers to install copiers with the default passwords intact, despite set up prompts from the OEM to change the password away from the defaults easily found on the interent.

What information of value can a hacker get?

1. The address book of all of the employees listed. This is often not comprehensive. Maybe this invites phishing attacks.

2. The Subnet and Gateway. I do not know what value this is to clever hackers.

3. The SMTP Client. Usually the password is hashed ###### out.

4. They can see the scan path to network folders. That cannot be good even though the password is usually hashed ##### out.

I know there are powerful sotware tools out there that can quickly decrypt hashed ##### out passwords.

What else of value can hackers get?

What liability has the installing dealer exposed themselves to?

There are two kinds of dealers out there. Those that are mostly hardware providers and those that offer IT services & hardware. The IT service providers likely force their service departments to use subscription based password managers to secure the equipment they install.

**ADV COPIER** · 12-22-2023

1. The first step may be that you need to change the default password
2. Using commercial email does have a slight risk, you can use the email hosting option which has several security profile settings.
3. You can switch to a private network
4. network devices that have security rules, such as Cisco or Mikrotik

That's just my opinion, because there are clients who want to be safe or even think it's all unnecessary

**techsxge** · 12-22-2023

Originally Posted by SalesServiceGuy

It is not uncommon for copier service providers to install copiers with the default passwords intact, despite set up prompts from the OEM to change the password away from the defaults easily found on the interent.

What information of value can a hacker get?

1. The address book of all of the employees listed. This is often not comprehensive. Maybe this invites phishing attacks.

2. The Subnet and Gateway. I do not know what value this is to clever hackers.

3. The SMTP Client. Usually the password is hashed ###### out.

4. They can see the scan path to network folders. That cannot be good even though the password is usually hashed ##### out.

I know there are powerful sotware tools out there that can quickly decrypt hashed ##### out passwords.

What else of value can hackers get?

What liability has the installing dealer exposed themselves to?

There are two kinds of dealers out there. Those that are mostly hardware providers and those that offer IT services & hardware. The IT service providers likely force their service departments to use subscription based password managers to secure the equipment they install.

1. Usually, it will be full Names or positions that are associated with email addresses or PC Names. So yes, it can be used for pishing attacks.

2. Doesnt reveal anything really critical

3. The password would be the only interesting thing here.

4. See 1.

Quickly is relative. Depends a lot on the algorithm used to store the passwords, which i assume to be SHA256 but i am not too sure. I know that there are printers that used to store passwords in plain text.
If your printer is the entry point of a hacker into your network, you have already fcked up. Some Bosses might have called this "saving money" before. It happens when the Printer has direct access to the internet and is not protected by being put in a vlan with no internet access and filtered network communication.

The problem for dealers depends on the case and contracts.
You just delivered it and only supply consumables? Not your issue as long as it came with the newest firmware avaiable.
You have a contract to maintain the machine on a regular base and failed to offer antivirus solutions, update the firmware regularly? Might get you in some sort trouble if they have a good lawyer.
You are also the companies IT Manager? Damn you have fcked up. Unless you offered and informed the Boss of that company of all the stuff that needs to be done and he declined. You would need that as a hardcopy though.

**mloudy** · 12-22-2023

Sharp for business | Security | Multifunction Printers (MFP)

"Copiers need strong protection from cybercriminals that have learned how to compromise unsecured devices to gain access to the network. Bitdefender antimalware technology provides an additional layer of protection against all known and unknown malware threats including viruses, trojans, worms, ransomware, spyware, and more. Available on most Sharp copiers."

Sharp has been a leader in data security in the industry for along time.

I know of a couple of copiers we have out that I can sit in my office and hit their webpage over the internet. Customer has been told to correct this many times and we have given them detailed instructions.

**techsxge** · 12-22-2023

Originally Posted by mloudy

Sharp for business | Security | Multifunction Printers (MFP)
Bitdefender antimalware technology provides an additional layer of protection against all known and unknown malware threats including viruses, trojans, worms, ransomware, spyware, and more.

I would really love to know how they want to offer protection against unknown types off malware.

**SalesServiceGuy** · 12-22-2023

Originally Posted by techsxge

1. Usually, it will be full Names or positions that are associated with email addresses or PC Names. So yes, it can be used for pishing attacks.

2. Doesnt reveal anything really critical

3. The password would be the only interesting thing here.

4. See 1.

Quickly is relative. Depends a lot on the algorithm used to store the passwords, which i assume to be SHA256 but i am not too sure. I know that there are printers that used to store passwords in plain text.
If your printer is the entry point of a hacker into your network, you have already fcked up. Some Bosses might have called this "saving money" before. It happens when the Printer has direct access to the internet and is not protected by being put in a vlan with no internet access and filtered network communication.

The problem for dealers depends on the case and contracts.
You just delivered it and only supply consumables? Not your issue as long as it came with the newest firmware avaiable.
You have a contract to maintain the machine on a regular base and failed to offer antivirus solutions, update the firmware regularly? Might get you in some sort trouble if they have a good lawyer.
You are also the companies IT Manager? Damn you have fcked up. Unless you offered and informed the Boss of that company of all the stuff that needs to be done and he declined. You would need that as a hardcopy though.

If your business has a written contract to be the customer's IT provider not changing the default passwords would be a major liability. I was thinking more of the dealer who is just a hardware provider.

**SalesServiceGuy** · 12-22-2023

Originally Posted by mloudy

Sharp for business | Security | Multifunction Printers (MFP)

"Copiers need strong protection from cybercriminals that have learned how to compromise unsecured devices to gain access to the network. Bitdefender antimalware technology provides an additional layer of protection against all known and unknown malware threats including viruses, trojans, worms, ransomware, spyware, and more. Available on most Sharp copiers."

Sharp has been a leader in data security in the industry for along time.

I know of a couple of copiers we have out that I can sit in my office and hit their webpage over the internet. Customer has been told to correct this many times and we have given them detailed instructions.

There have been several recent reports that to remediate a successful cyber attack can cost big time dollars in the $100s of thousands.

**techsxge** · 12-22-2023

Originally Posted by SalesServiceGuy

If your business has a written contract to be the customer's IT provider not changing the default passwords would be a major liability. I was thinking more of the dealer who is just a hardware provider.

Well that was the first part. If you are just providing the hardware, there is absolutely nothing you need to worry about. But you do need to put that in the contract (Or whatever you have, like a purchase reciept) that specifies that you are only handing over the hardware and that the security of the device is up to the customer

**mloudy** · 12-22-2023

The only thing we have encountered so far is a library chain that would arrive in the morning and have a stack of 300-500 prints waiting on them with jibberish on some pages. Their IT determined it was Russian hackers. For a while it "the equipments fault" though. Their network was wide open to the world. Not really anything hacked, just adding clicks and wasting paper. I can't believe someone actually spends the time to do somehting so silly.

A school system did have a student messing with the machines through their webpages. He was doing while at school though and not from the outside. We were scratching our heads for a few weeks.

**SalesServiceGuy** · 12-22-2023

I have never expereinced one of the copiers that I am responsible getting hacked, even my old obsolete clunkers.

Far more likely is a phishing attack which happened to me as recently as yesterday. Some crook posing as Website Builder - Create a Free Website Today | Wix.com telling me that my credit card credentials had expired and that my copier domain would be closed in two days if I did not pay promptly.