Printers a target for cyber attacks

The Australian printing and communications industry should be prepared to protect itself against new waves of ransomware attacks, a cyber security specialist has warned.

Burt Mascareigne, chief security officer and director of DropInSecurity, says the industry’s size and reliance on computer technology made it a prime target for cyber crime.

“Recent global attacks with the CryptoLocker WannaCry and NotPetya ransomware variants are toe dipping exercises, testing software and the preparedness of victims for more widespread and sophisticated attacks,” says Mascareigne.

“The industry uses computer systems to drive and maintain print and digital equipment, prepress, web-to-print, inventory management, delivery and administration – and it is all at risk."

A pessimistic Mascareigne says, “It is not a question of will it happen again or will it affect my business. It will on both counts and sooner rather than later because organisations are generally not prepared even at government levels."

He adds that DropInSecurity already provides mass deployment of the Sophos Intercept X anti-ransomware immunisation to industry companies. He says, “This is a world leading technology using machine learning in its development, and is designed to identify and block the attempted use of exploits by attackers.

"Our volume allows us to keep the computer immunisation cost down to less than $4 monthly per machine including updates. This is a small cost for any business for the security of their data and peace of mind.”

Mascareigne points out the printing industry had been targeted as early as 2015 when an industry equipment supplier became a victim.  He says, “Industry media reported that the attack locked up the supplier’s files, including accounts, sales and all history, rendering the business effectively blind."

“More recently, an interstate office of a nationally run business was compromised after a staff member opened an emailed invoice attachment purporting to be from a printing client. Although the staff member thought it odd to receive the invoice directly via email, on opening the attachment to investigate, they unknowingly triggered the ransomware attack.

“Within four hours the virus destroyed 80 per cent of all data in the state office network and began infiltrating interstate into head office servers.

“The interstate loss was catastrophic. Worse still, investigation found that staff had not routinely saved their files to a server, using their desktop drives instead. These were compromised and not backed up.                                                        

“In this incident, the cyber criminals had scanned legitimate printing company websites for staff names and email addresses. These were repurposed to send ‘services rendered’ accounts to individuals in other industry companies.

“Today, with our Intercept X anti-ransomware product, companies have far greater protection, but while software can help protect system and data integrity, it cannot change behavioural patterns of people and their curiosity to click bait links.”

Mascareigne believes that all companies should have a cyber security policy as part of their business procedures. The policy should outline cyber security threats and how to avoid them and be updated regularly as new threats emerge.

He says that, while the printing and communications industry is part of an interactive world filled with new opportunities, it is also filled with new forms of criminal behaviour that you do not always see until the damage has been done. He says, “Compromised systems can cripple a business within minutes if anti-ransomware protection and offsite back-ups are not in place.

“The entire workflow process can be destroyed including client orders and artwork, payment details stolen or compromised, invoicing and inventory management disrupted effectively bringing the printing company to its knees."
 

The 10 best cyber security practices to apply right now

1.    Backup regularly, and keep a recent backup copy off-line and off-site. Offline and off-site means ransomware cannot get to it. With recent backups data loss can be minimised.

2.    Enable file extensions. This makes it much easier to spot file types that would not commonly be sent to you and your users, such as JavaScript.

3.    Open JavaScript (.JS) files in Notepad. Doing this blocks it from running any malicious scripts and allows you to examine the file contents.

4.    Do not enable macros in document attachments received via email. A lot of infections rely on persuading you to turn macros on, so do not do it.

5.    Be cautious about unsolicited attachments. If you are not sure it is simple – do not open it. Check with the sender if possible.

6.    Do not have more login power than you need. Admin rights could mean a local infection
becomes  a network disaster.

7.    Consider installing the Microsoft Office viewers. These viewer applications let you see what documents look like without opening them in Word or Excel.

8.    Patch early, patch often. The sooner you patch, the fewer holes there are for ransomware to exploit.

9.    Stay up-to-date with new security features in your business applications. For example, Office 2016 now includes a control called Block macros from running in Office files from the internet.

10.    Install anti-ransomware immunisation like Sophos Intercept X available at www.dropinsecurity.com.au

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at editorial@sprinter.com.au.  

Sign up to the Sprinter newsletter

Leave a comment:

Your email address will not be published. All fields are required

Advertisement

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.
Advertisement