The Australian printing and communications industry should be prepared to protect itself against new waves of ransomware attacks, a cyber security specialist has warned.
Chief Security Officer and Director of DropInSecurity, Burt Mascareigne, said the industry’s size and reliance on computer technology made it a prime target for cyber terrorists.
“Recent global attacks with the CryptoLocker WannaCry and NotPetya ransomware variants are ‘toe dipping’ exercises, testing exploit software and the preparedness of victims for more widespread and sophisticated attacks,” he said.
“The industry uses computer systems to drive and maintain print and digital equipment, prepress, Web-2-Print, inventory management, delivery and administration – and it’s all at risk.
“It’s not a question of will it happen again or will it affect my business – it will on both counts and sooner rather than later because organisations are generally not prepared – even at government levels.”
Mr Mascareigne said DropInSecurity was already providing mass deployment of the Sophos Intercept X anti-ransomware immunisation to industry companies.
“This is a world leading technology using machine learning in its development and is designed to identify and block the attempted use of exploits by attackers,” he said.
“Our volume allows us to keep the computer immunisation cost down (less than $4 monthly per machine) including updates. This is a very small cost for any business for the security of their data and peace of mind.”
Mr Mascareigne said the printing industry had been targeted as early as 2015 when an industry equipment supplier became a victim.
“Industry media reported that the attack locked up the supplier’s files, including accounts, sales and all history, rendering the business effectively blind,” he said.
“More recently an interstate office of a nationally run business was compromised after a staff member opened an emailed invoice attachment purporting to be from a printing client. Although the staff member thought it odd to receive the invoice directly via email, on opening the attachment to investigate, they unknowingly triggered the ransomware attack.
“Within four hours the virus destroyed 80 per cent of all data in the state office network and began infiltrating interstate into head office servers.”
Mr Mascareigne said his company was called to urgently assist and blocked the ransomware spread, minimising data loss from the Sydney head office.
“The interstate loss was catastrophic. Worse still, investigation found that staff had not routinely saved their files to a server, using their desktop drives instead. These were compromised and not backed up.
“In this incident, the cyber criminals had scanned legitimate printing company websites for staff names and email addresses. These were repurposed to send ‘services rendered’ accounts to individuals in other industry companies.
“Today, with our Intercept X anti-ransomware product, companies have far greater protection, but while software can help protect system and data integrity, it can’t change behavioural patterns of people and their curiosity to click bait links.”
Mr Mascareigne said that all companies should have a cyber security policy as part of their business procedures. The policy should outline cyber security threats and how to avoid them and be updated regularly as new threats emerge.
He said that while the printing and communications industry is part of an interactive world filled with new opportunities, it’s also filled with new forms of criminal behaviour that you don’t always see until the damage has been done.
“Compromised systems can cripple a business within minutes if anti-ransomware protection and offsite back-ups are not in place.
“The entire workflow process can be destroyed including client orders and artwork, payment details stolen or compromised, invoicing and inventory management disrupted effectively bringing the printing company to its knees,” Mr Mascareigne said.
Intercept X immunisation can be ordered from the DropInSecurity website: www.dropinsecurity.com.au or by calling (02) 9194 4299.