Printers target for cyber attacks

The Australian printing and communications industry should be prepared to protect itself against new waves of ransomware attacks, a cyber security specialist has warned.

Burt Mascareigne, chief security officer and director of DropInSecurity, says the industry’s size and reliance on computer technology made it a prime target for cyber crime.

“Recent global attacks with the CryptoLocker WannaCry and NotPetya ransomware variants are toe dipping exercises, testing software and the preparedness of victims for more widespread and sophisticated attacks,” says Mascareigne.

“The industry uses computer systems to drive and maintain print and digital equipment, prepress, web-to-print, inventory management, delivery and administration – and it is all at risk.

A pessimistic Mascareigne says, “It is not a question of will it happen again or will it affect my business – it will on both counts and sooner rather than later because organisations are generally not prepared – even at government levels.”

Mascareigne says DropInSecurity was already providing mass deployment of the Sophos Intercept X anti-ransomware immunisation to industry companies.

“This is a world leading technology using machine learning in its development, and is designed to identify and block the attempted use of exploits by attackers,” he says.

“Our volume allows us to keep the computer immunisation cost down to less than $4 monthly per machine including updates. This is a small cost for any business for the security of their data and peace of mind.”

Mascareigne said the printing industry had been targeted as early as 2015 when an industry equipment supplier became a victim.  “Industry media reported that the attack locked up the supplier’s files, including accounts, sales and all history, rendering the business effectively blind,” he says.

“More recently an interstate office of a nationally run business was compromised after a staff member opened an emailed invoice attachment purporting to be from a printing client. Although the staff member thought it odd to receive the invoice directly via email, on opening the attachment to investigate, they unknowingly triggered the ransomware attack.

“Within four hours the virus destroyed 80 per cent of all data in the state office network and began infiltrating interstate into head office servers.”

“The interstate loss was catastrophic. Worse still, investigation found that staff had not routinely saved their files to a server, using their desktop drives instead. These were compromised and not backed up.                                                       

“In this incident, the cyber criminals had scanned legitimate printing company websites for staff names and email addresses. These were repurposed to send ‘services rendered’ accounts to individuals in other industry companies.

“Today, with our Intercept X anti-ransomware product, companies have far greater protection, but while software can help protect system and data integrity, it cannot change behavioural patterns of people and their curiosity to click bait links.”

Mascareigne said that all companies should have a cyber security policy as part of their business procedures. The policy should outline cyber security threats and how to avoid them and be updated regularly as new threats emerge.

He says that while the printing and communications industry is part of an interactive world filled with new opportunities, it is also filled with new forms of criminal behaviour that you do not always see until the damage has been done.

“Compromised systems can cripple a business within minutes if anti-ransomware protection and offsite back-ups are not in place.

“The entire workflow process can be destroyed including client orders and artwork, payment details stolen or compromised, invoicing and inventory management disrupted effectively bringing the printing company to its knees,” Mascareigne says. 

Comment below to have your say on this story.

If you have a news story or tip-off, get in touch at editorial@sprinter.com.au.  

Sign up to the Sprinter newsletter

Leave a comment:

Your email address will not be published. All fields are required

Advertisement

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.
Advertisement