22 February 2017
To expose businesses to the reality of these risks, HP Studios released The Wolf, a dramatic short film series about one cybercriminal’s lucky day. Check out the first part here:
The Wolf is named for the star, “a morally ambivalent and charmingly sinister hacker,” said Vikrant Batra, global head of marketing for imaging and printing at HP Inc. While it’s easy to get lost in the drama of his attack, the underlying message is important for all businesses. Batra says HP Inc.’s goal is “to expose how print security is often viewed as an afterthought, leaving businesses vulnerable to cyber attacks.”
An average day in the life of a predator
The Wolf is grateful for the state of printer security—even though you definitely won’t be after watching the series. While his target, Pierce Arthur Financial, is fictional, it could easily be a representation of any number of our customers. For the narrator, it’s basically child’s play to create mass havoc. In fact, The Wolf gains his first advantage within seconds by systemically breaking into the mail room printer with his mobile device. A little patience and one email later, he’s in position to destroy members of the boardroom with sensitive info.
Spoilers are the absolute worst, so we won’t tell you how it turns out. But what we will say is that The Wolf remains undetected without breaking a sweat. Smart predators always strike their prey in the most vulnerable spot. For Pierce Arthur and the vast majority of other organisations worldwide, one of the weakest network security links is the printer.
Security tips The Wolf doesn't want you to know
While The Wolf in the film isn’t a literal threat to your organisation, there are packs of real-life wolves running wild. Unfortunately for them, you can apply the film predator’s sinister knowledge of common security issues to your office, ensuring you don’t become tomorrow’s juicy prey. Through the eyes of The Wolf, you can discover what criminals don’t want you to know about security mistakes.
1. Sorry, but you security effort may be a waste
When a wolf knows where to pounce, your security spend doesn’t even matter. Not one printer in Pierce Arthur Financial has built-in malware protection. Does The Wolf have insider knowledge? Most likely not. But assuming a target’s printers are unprotected is a safe bet. In Pierce Arthur’s case, the printer is just a means to an end, since as The Wolf says, “the really good stuff is upstairs.” The Wolf might not have the technical sophistication to brute-force user credentials or crack his target’s perimeter security, but he doesn’t really need it. His target’s mail room printer is wide open, with no one watching.
2. Printers process a ton of sensitive info
What can a wolf do with printer access, anyway? As it turns out, everything they need. Your security’s weak link also processes and stores a surprising number of sensitive documents. By intercepting and reviewing all print jobs from his mobile device, The Wolf steals personal information on a Pierce Arthur employee. The information needed to take a crime spree from the printer to a network isn’t always payroll data or customer’s personally identifiable information (PII). In this case and many others, an innocuous business communication will suffice.
3. Predictable sheep flock together
From The Wolf’s point of view, causing a really “bad day” for his prey is as predictable as a row of dominoes. From his perspective, sheep behave predictably, and all it takes is one believable email to gain access to his target’s network. Sending a phishing email isn’t exactly hard work, but it can offer a big payoff. Humans are predictably unpredictable; they’re often highly susceptible to phishing, whaling, and impersonation attacks—especially if an email seems legit, due to a bit of clever social engineering.
Watch The Wolf pounce—on your company
Where did Pierce Arthur’s information security team go wrong? More behavioural training may have protected the employee from clicking the phishing attack. The Wolf succeeded because he gained access to the mail room printer. This unfolding crime spree is a series of failures, but it all links back to that one major oversight.
With knowledge of most businesses’ weak spot and a few minutes of monitoring print jobs, The Wolf guaranteed all the access he needed to his target’s network. A layered approach to information security is always the best practice, and lucky for you, printer security isn’t nearly as tough as the data may lead you to believe.
With the help of the leader in secure printers, businesses powered by HP can minimise any worry about wolves. Utilising built-in security features and other competitive advantages, HP printers can detect and protect against predators. When a wolf comes knocking at your door, you can deny him entry with HP security, thanks to technologies such as embedded malware detection, intrusion detection, and more.