By: Nishant Bansal, Research Manager, IPDS, IDC India
Recently in 1st week of February 2018, hackers tried to steal around $2 million from City Union Bank by disabling the printer connected to global payments platform SWIFT, preventing the bank from receiving acknowledgement messages for three fraudulent payment instructions sent that evening until the next morning. Thinking of it as a routine systemic failure, nobody suspected it to be a cyber-attack. It came into light only on the following day when bank reconciled previous day transactions and noticed that three transactions worth nearly $2 million had not originated from the Bank.
The cyber-attack on City Union Bank came almost 2 years after a similar attack which happened on Bangladesh Central Bank where hackers managed to steal nearly $81 million. Here, the hackers had infected the system with a malware which disabled the SWIFT printer and printed doctored or altered confirmation copies of the transactions.
What is common between both the cyber-attacks is that Printer was at the center of both the attacks. In the age of digital transformation, cyber security is a major threat to enterprises. Organizations are increasingly prioritizing IT security to tackle cyber threats. As organizations continue to focus on securing their endpoint devices such as laptops, tablets, smartphones, workstations etc. from vulnerabilities, one device that is often ignored is the Printer.
Printers and Multi-Function printers (MPs) are just like any other endpoint devices on the enterprise network and when left unsecured, give an easy back-door entry points to the corporate network.
With the rise of MFPs in the last decade, which has network connectivity, hard disk and memory to store tasks, the threat has become even more significant. Many a times, print-outs often lie on the output tray of a printer for a long time before being collected by the user. Many of these printouts contain sensitive and confidential information which is lying out there openly to be collected or seen by an unauthorized user. Hence, it becomes imperative that businesses take a proactive approach to print security which not only involves just securing the printers by way of enhanced features and software but also training and educating its employees about best practices for secure printing.
Some of the measures that an organization must take to ensure robust print security are:
- Evaluation of the printer fleet for security: Many Print OEMs (Original Equipment Manufacturers) and 3rd party service vendors now have in-house security experts which can conduct a complete print security assessment for the businesses and highlight gaps and vulnerabilities related to it. The experts also provide a customized plan for covering these gaps.
- User Authentication for Printouts: User authentication must be made mandatory for collecting print outs. This will help eliminate risk of unclaimed printouts containing sensitive and classified information being left in the output paper tray of the printer. Many vendors now have MFPs which require mandatory user authentication either via. User PIN or an employee card reader for printing and collecting printouts.
- Securing the Network and Endpoint: In case of Bangladesh Central Bank heist, Investigations later revealed that the bank had no firewall in place and was using $10 second hand endpoint switches which left the entire network vulnerable to cyber threats. Hence, it is imperative that there is network and endpoint are properly secure by controlling network access to regular users and keeping systems up to date by running regular software patches for removing vulnerabilities.
- Continuous Monitoring and Fleet Management: Businesses should continuously monitor the usage of print devices and perform regular audits to ensure regular compliance to security policies and standards. One way to go about this is via Managed Print Services (MPS), which helps businesses to outsource the security monitoring and fleet management to either OEMs or service providers. With MPS, businesses would automatically receive regular software patch updates for the printer fleet and ensure robust print security.
Many manufacturers have started providing in-built security features in the printer interface to protect the devices and company network. MFPs these days can receive automatic security updates, validate if software is genuine or not plus detect and stop malware attacks while the device is running.
Organizations need to ensure that printer security is part of overall information technology (IT) security of the enterprise. This way they can protect themselves and most importantly, one of the biggest currency in the world today, i.e. Data.
(Nishant Bansal is a Research Manager for the Imaging, Printing and Document Solutions (IPDS) IDC India. Nishant is responsible for deep dive research and insights in and around the printer market in India. He leads a team of analysts who are responsible for tracking, sizing, and analyzing the IPDS market in India. Prior to joining IDC, Nishant was associated with HP Inc, where he was part of the Worldwide Competitive Intelligence for Inkjet Printers for over 6 years. He has extensive experience in competitive response, analysis, and other research projects in the print domain. Nishant holds a postgraduate degree in management from Welingkar Institute of Management, Mumbai and is a Bachelor of Engineering from Nagpur University.)