If you Haven't Changed Your Printer's Password yet, do it ASAP
Since the beginning of 2018, Microsoft has sent more than "1,400 nation-state notifications" about malicious attacks. 80% of the targets of said attacks have been listed as "government, IT, military, defense, medicine, education, and engineering."
According to Microsoft's data, attacks targeting "a VOIP phone, an office printer, and a video decoder," are preferred high-value targets. A huge chunk of the malicious attacks that the company's always battling against and warning about are based on cyber-crooks exploiting the same old poor security measures that are so prevalent everywhere: unchanged default passwords.
In many of the cases, the devices, such as printers, routers etc., that are commonly used in the workplace get installed and used without much thought on their owner's part about security. Taking the time to change the default manufacturer's passwords is really low on the list of your priorities when you're chasing deadlines – and so is installing the latest nagging software updates to the device. Such things take time that you can ill-afford to spend, when you can do something more productive, right?
Wrong. Those are terrible working practice, because software updates often include much-needed security patches that ensure that hackers can't just gain access to a device as they see fit.
And there are plenty of bad actors willing to do so - hackers can use these devices to gain an initial foothold into the corporate networks they want to target. Once they get their metaphorical foot in the door, the crooks can scan for other linked devices with lax security, which would allow them to look for more valuable targets within the network. This is how hackers have been known to access valuable data on multiple occasions.
Although Microsoft has warned companies about similar dangers on numerous occasions, it's not like the crooks are targeting corporate entities exclusively. On the contrary, private individuals and government agencies are very much on the chopping block as well. Back in February 2019, for instance, Microsoft warned of politically motivated attacks targeting groups involved in the EU elections in May.
What you can do to Improve Your IT Security
IT security is no easy matter. There are a lot of things you need to consider and a lot of steps you need to take if you want to ensure it. Making sure that a hacker can't get a foothold in your network due to neglect are the of those steps, and although they can be bothersome, they actually aren't that difficult to perform.
You basically need to do two things:
- Keep the software on all your IoT devices updated at all times.
- Change the passwords on all of your devices regularly.
This includes all your routers, phones, and printers as well.