HP

HP announced yesterday that new business printer models will ship with FTP and Telnet services disabled by default, in an attempt to bolster device security against remote exploitation and other cyber-attacks.

For many years, hardware vendors have been shipping millions of devices that came with an open Telnet and/or FTP port, which manufacturers argued it could be used for remote device management.

IoT threat landscape pushes HP to take proactive steps

Because nowadays multiple threat groups are actively searching for Internet-connected devices so they could add them to botnets, securing these devices is a must.

As botnets like the ones created with the Mirai IoT malware have grown to humongous sizes, hardware vendors are now starting to see the error in their ways.

The first one to take a step is HP, who in a statement yesterday said it "started the process of closing older, less-maintained interfaces including ports, protocols and cipher suites as identified by NIST as less-secure," mentioning FTP and Telnet services.

This change is part of a bigger effort to secure all HP business printers, as part of the HP Secure MPS (Managed Print Services) program, which HP set in motion as a result of the growing number of hacked printer incidents.

Firmware update brings better password security for older devices

Other changes include HP’s November FurtureSmart firmware update, which has improved admin password and encryption settings for both new and existing HP Enterprise printers and MFPs (Multi-Functional Printers).

"Networked printers can no longer be overlooked in the wake of weakening firewalls to the growing sophistication and volume of cyberattacks," said Ed Wingate VP & GM, JetAdvantage Solutions at HP, Inc. "That’s why HP has established a new benchmark in managed print services, infusing security best practices into everything that we do to enable our customers to stay on top of growing endpoint security challenges."

It's good to see a hardware vendor take pro-active steps in securing devices before a massive hacking incident occurs. You usually see companies take this kind of steps after a major incident, not beforehand.