A flaw has been found in the Hewlett Packard all-in-one printers by a cybersecurity researcher. An automatically enabled feature, WebScan, enables it for hackers to steal copies of scanned documents over the internet.
In a workplace, anyone could identify the existence and usage of an HP printer and could recover copies of the scanned documents.
The person who is hacking can run the script on the scanner and can get everything that might have been left on the scanner. Hacking this way may not be possible is the documents are not left.
It is questionable why the WebScan feature is included when it is so easy to exploit. The researcher who found this flaw sees it as a publicity stunt and a marketing trick, saying that if the purpose was to obtain digital copies easily, it could have been made possible without exposure to others at the work place.
The reason of this weakness is that it is enabled by default, which means there is no security. This security and privacy issue has not been catered to because of the fact that very few people know about it. In fact, many companies have no idea as to what the WebScan function is.
However, once it is known, it would be very simple to solve it. For new printers and scanners, all that needs to be done is to disable this function by default. If not this, then, as the researcher suggests, there can be an option to enable it by choice.
However, at present, there is no possible way available t solve the problem in millions of HP printers and scanners which are being used around the world. It is possible for other brands to have the same flaw. However, only HP printers have been researched till now.
Subscribe to our RSS Feed!
