Printers Hacked to Send Ransomware Bomb Threats to U.S. Universities

USA Today College reports that several universities in the United States are dealing with bomb threats sent to campus printers and fax machines over the past two weeks, with authorities struggling with how the attackers were able to gain access to university networks to send the threats.

The universities that received the threats include Vanderbilt University, University of Southern California, University of Virginia, and University of Detroit-Mercy. Several businesses around the United States were also targeted, including businesses in Asheville, North Carolina; Grand Forks, North Dakota; Detroit, Michigan; Fairview Park, Ohio; and Pompton Lakes, New Jersey.

Universities and businesses reported print-outs, faxes, and emails asking for a ransom to be paid by Western Union in the amount of $25,000 to a Brazilian citizen, Asheville, North Carolina, police told the Citizen-Times.

The messages stated “that the recipients’ properties were rigged with explosives that would be set off if the ransom was not paid. Local police authorities in Detroit and Ohio said the threats were part of a hoax and not credible.”

The United States FBI has launched investigations into the source of the threats, and said in a public statement that they “remain in touch with our law enforcement partners to provide assistance if needed.”

In January 2017, several U.S. universities, including Vanderbilt, Stanford University and UC Berkeley, reported that their printers and fax machines were hijacked, with the devices printing out anti-Semitic fliers.

According to Zachary N. J. Peterson, an associate professor of computer science at California Polytechnic State University, San Luis Obispo, the universities are probably deploying their printers and fax machines outside of their network’s firewall in order to make it easier for students to print to them from off campus.

Peterson told USA College: “That seems like, on the surface, a sensible decision. The problem is just when others know that, and now they’re printing things that are obnoxious or obscene from off campus. It’s likely just trolling, people trying to prove a point or create a scare factor.” However, he notes that getting spam – unsolicited messages – by fax machine is nothing new: “Getting spam by fax is nothing new, and as long as fax machines have been around, people have been spamming faxes.”

He advocates that enterprises keep printers secure by “keeping their software up to date, not using default passwords, and configuring their devices correctly.”

After receiving the threat message on May 30th, the University of Virginia announced it would take “corrective action to close off external access to some publicly accessible printers.”

More Resources

%d bloggers like this: