By Chris Watson, CEO of Cyber Collab, and Ross Tregaskis, Representative of BBC Digital

At Cyber Collab, we have been collaborating with printer suppliers, such as BBC Digital, to help them enhance, maintain and uplift the service they provide to clients. These partnerships have highlighted how often printers are overlooked in cyber security assessments, despite being a common operational technology (OT) within businesses.

As Ross Tregaskis of BBC Digital points out, “Printers are seen as everyday tools, yet their complexity and connectivity make them vulnerable if not properly secured.”

This collaboration between cyber security experts and printer providers emphasises the importance of understanding the potential threats that printing devices can pose and how businesses can protect themselves.

What is Operational Technology (OT)?

Operational Technology (OT) refers to hardware and software systems that monitor and control physical devices, processes and infrastructure. Unlike Information Technology (IT), which deals with data processing, OT is embedded in devices that control machinery, equipment, or infrastructure. Printers, though commonly viewed as simple office tools, fall under this OT umbrella when they are network-connected, making them a potential entry point for cyber threats.

Why Printers Pose a Cyber Security Threat

“Printers are often connected to the same network as computers, servers and other IT infrastructure,” says Tregaskis, “but they tend to be overlooked in security assessments.”

The common vulnerabilities that Cyber Collab CEO Chris Watson and Ross Tregaskis see are:

  • Weak Authentication: Many printers are not secured with strong passwords or are left with default settings, allowing attackers easy access.
  • Outdated Firmware: Many printers run outdated firmware that lacks modern security patches. Cybercriminals can exploit these vulnerabilities to compromise the printer and pivot to more critical systems.
  • Stored Sensitive Data: Printers frequently handle sensitive documents and may store copies of print jobs in their memory. If not secured, this data is accessible to attackers.
  • Remote Access: Many modern printers offer remote printing features. Without proper security, this can provide hackers with an entry point into a business network.

How to Reduce Printer Vulnerabilities

Reducing vulnerabilities in printers and other OT devices requires a multi-layered approach. Watson and Tregaskis advocate:

1. Secure Access

Protect printers with strong, unique passwords, and where possible, implement multi-factor authentication for administrative access.

2. Regularly Update Firmware

Always update printer firmware to the latest version to patch known vulnerabilities. Set up automatic updates if available.

3. Network Segmentation

Separate printers from critical IT systems through network segmentation. This prevents attackers from moving laterally within the network if a printer is compromised.

4. Disable Unnecessary Features

Turn off unused features, such as remote access or cloud printing, to reduce the attack surface.

5. Monitor Printer Traffic

Use monitoring tools to track network traffic from printers for suspicious activities. Set up alerts for unusual patterns, such as large data transfers or unknown IP access attempts.
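The alerting described in step 5 can be prototyped over exported flow records. The sketch below is an added example, not code from Cyber Collab or BBC Digital; the printer VLAN, the allowed peers, the 50 MiB threshold and the CSV layout are assumptions, and the sample flows are constructed.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Assumed environment: printers live on their own VLAN and should only talk
# to the print server and the internal DNS resolver.
PRINTER_NET = ipaddress.ip_network("10.20.30.0/24")
ALLOWED_PEERS = [ipaddress.ip_network(n) for n in ("10.20.10.5/32", "10.20.10.53/32")]
MAX_OUTBOUND_BYTES = 50 * 1024 * 1024  # per printer and peer, per log window

# Constructed sample flow export (ts, src, dst, dst_port, bytes).
SAMPLE_FLOWS = """\
ts,src,dst,dst_port,bytes
2024-05-01T09:00:02,10.20.10.5,10.20.30.11,9100,482133
2024-05-01T09:00:40,10.20.30.11,10.20.10.53,53,212
2024-05-01T09:14:09,10.20.40.77,10.20.30.11,443,1820
2024-05-01T02:13:55,10.20.30.12,203.0.113.40,443,73400320
2024-05-01T02:20:10,10.20.30.12,203.0.113.40,443,41943040
2024-05-01T09:30:00,10.20.10.5,10.20.30.12,9100,90211
"""

def is_allowed(ip):
    return any(ip in net for net in ALLOWED_PEERS)

def review_flows(text):
    """Return sorted alerts as (kind, printer, peer, bytes) tuples."""
    unknown = set()
    outbound = defaultdict(int)
    for row in csv.DictReader(io.StringIO(text)):
        src = ipaddress.ip_address(row["src"])
        dst = ipaddress.ip_address(row["dst"])
        if src in PRINTER_NET:        # traffic leaving a printer
            printer, peer = src, dst
            outbound[(str(printer), str(peer))] += int(row["bytes"])
        elif dst in PRINTER_NET:      # traffic reaching a printer
            printer, peer = dst, src
        else:
            continue                  # flow does not involve a printer
        if not is_allowed(peer):
            unknown.add((str(printer), str(peer)))
    alerts = [("unknown-peer", p, q, 0) for p, q in unknown]
    alerts += [("large-transfer", p, q, n)
               for (p, q), n in outbound.items() if n > MAX_OUTBOUND_BYTES]
    return sorted(alerts)

if __name__ == "__main__":
    for alert in review_flows(SAMPLE_FLOWS):
        print(alert)
```

Outbound bytes are summed per printer and peer, so a transfer split across several flows still crosses the threshold.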

“At BBC Digital, we emphasise not just supplying high-quality printers but ensuring our clients are aware of the security implications and helping them maintain robust security practices,” adds Tregaskis.

“Canon has partnered with McAfee as its security partner. Our customers can feel confident that this antivirus is running live to stamp out any malicious cyber threats. This is the latest addition combined with the extensive security features incorporated in the imageRUNNER ADVANCE Gen III Series III multifunction devices running firmware v3.9,” says Tregaskis.

“The next level of security is uniFLOW Online SaaS managing your entire print and scan environment in the cloud. Built on Microsoft Azure Zero Trust Framework, mitigating the risk of print and scan data breaches via in-office and remote employees. Data sovereignty ensures your data is protected by Australia’s stringent laws and governance. Hosted within Australian-based data centres on Microsoft Azure, uniFLOW Online offers the latest in updates and security, saying goodbye to onsite print servers,” adds Tregaskis.

Cyber Collab provides health check and testing services to help businesses manage the security of their printer networks. “We assist in writing comprehensive policies that govern the use and maintenance of OT devices like printers,” says Watson.

What to Do If You Suspect a Printer Has Been Compromised

If you believe your business has fallen victim to a printer-related cyberattack, immediate action is critical:

1. Disconnect the Printer

Immediately disconnect the suspected printer from the network to prevent further damage.

2. Conduct a Forensic Investigation

Engage a cyber security consultant to perform a forensic analysis to determine the scope of the breach and how the printer was compromised.

3. Change Credentials

Reset all passwords and update security settings across all devices, not just the compromised printer.

4. Notify Affected Parties

If sensitive data was compromised, notify the relevant parties and comply with any legal reporting requirements.

5. Review and Strengthen Security Postures

After the incident, review your OT and IT security strategies. Implement stronger controls, continuous monitoring, and regular penetration testing to avoid future breaches.

“At Cyber Collab, we specialise in rapid containment of cyber incidents and work to restore operations while providing actionable insights to prevent future occurrences,” says Watson.

Conclusion

Printers are essential but often neglected components of a business’s OT infrastructure. Through our collaboration, Cyber Collab and BBC Digital aim to raise awareness of the cyber security risks that printers pose. By understanding these risks, businesses can reduce vulnerabilities and respond quickly to potential incidents, safeguarding their sensitive data and operational networks from future attacks.