Printers Hacked to Send Ransomware Bomb Threats to U.S. Universities

USA Today College reports that several universities in the United States are dealing with bomb threats sent to campus printers and fax machines over the past two weeks, with authorities struggling with how the attackers were able to gain access to university networks to send the threats.

The universities that received the threats include Vanderbilt University, University of Southern California, University of Virginia, and University of Detroit-Mercy. Several businesses around the United States were also targeted, including businesses in Asheville, North Carolina; Grand Forks, North Dakota; Detroit, Michigan; Fairview Park, Ohio; and Pompton Lakes, New Jersey.

Universities and businesses reported print-outs, faxes, and emails asking for a ransom to be paid by Western Union in the amount of $25,000 to a Brazilian citizen, Asheville, North Carolina, police told the Citizen-Times.

The messages stated “that the recipients’ properties were rigged with explosives that would be set off if the ransom was not paid. Local police authorities in Detroit and Ohio said the threats were part of a hoax and not credible.”

The United States FBI has launched investigations into the source of the threats, and said in a public statement that they “remain in touch with our law enforcement partners to provide assistance if needed.”

In January 2017, several U.S. universities, including Vanderbilt, Stanford University and UC Berkeley, reported that their printers and fax machines were hijacked, with the devices printing out anti-Semitic fliers.

According to Zachary N. J. Peterson, an associate professor of computer science at California Polytechnic State University, San Luis Obispo, the universities are probably deploying their printers and fax machines outside of their network’s firewall in order to make it easier for students to print to them from off campus.

Peterson told USA College: “That seems like, on the surface, a sensible decision. The problem is just when others know that, and now they’re printing things that are obnoxious or obscene from off campus. It’s likely just trolling, people trying to prove a point or create a scare factor.” However, he notes that getting spam – unsolicited messages – by fax machine is nothing new: “Getting spam by fax is nothing new, and as long as fax machines have been around, people have been spamming faxes.”

He advocates that enterprises keep printers secure by “keeping their software up to date, not using default passwords, and configuring their devices correctly.”

After receiving the threat message on May 30th, the University of Virginia announced it would take “corrective action to close off external access to some publicly accessible printers.”

More Resources

• June 2017: CompTIA Certmaster Introduces New Course On Latest Cybersecurity Certification
• May 2017: Lexmark Beefs-Up Printer and MFP Security with New Secure Document Monitor
• May 2017: Samsung Launches New Remote-Troubleshooting, Security Apps
• May 2017: Next-Generation Nuance eCopy ShareScan V 6.0 Boasts New Security, Productivity Features
• May 2017: New HP LaserJet Enterprise 600 Series ‘Highest-End A4s’ with Highest Level of Security, FutureSmart 4, More
• March 2017: Canon Introduces imageFORMULA ScanFront 400 Scanner with Beefed-Up Security Features
• March 2017: New Brother Business-Class Laser Printers, MFPs Feature ‘Enterprise-Level Security,’ Workflow Solutions
• March 2017: OKI Europe Rolls out New A4 Desktop MFP, MC536dn, with Enhanced Security, More
• February 2017: 150,000 Printers and MFPs Said to Have Been Hacked
• February 2017: HP Recruits Actor Christian Slater to Warn of Printer Security Vulnerabilities
• February 2017: Scammers Blackmailing Users Seeking Help for ‘Printer Error’ Messages
• January 2017: HP: Battle Hackers with these Printer Security Solutions
• December 2016: HP Redesigns MPS to Protect Networked Copier/MFPs, Printers Now Pre-Configured for Security
• September 2015: The Internet of Things – Including Printers – Poses Significiant Security Risks, Warns FBI
• September 2014: Canon PIXMA Printer Hacked to Demonstrate Vulnerability of ‘Internet of Things’