PRINT BUSINESSES ATTACKED BY CYBER CROOKS

By Wayne Robinson | 16 April 2025

Printers are being urged to ensure their cyber security is at the highest level, as at least two major print businesses have been hacked by criminal cyber gangs

Cyber criminals: Be prepared — *Cyber criminals: Print businesses need to be prepared*

TMA was the subject of a cyber attack on one of its technology divisions this week, and Print21 understands that yesterday another major print business was also attacked.

Sources say criminal hacking group Sarcoma was likely behind the attempted attack on TMA. However, Anthony Karam, CEO of TMA said, "Our businesses continued to operate, there was no interruption to manufacturing, warehousing or logistics."

TMA is a major print group, with multiple operating entities, but the attack was focused on one of TMA's car parking technology divisions, and Karam says any danger has passed.

Calling on printers to make sure they are managing their cyber security, Kellie Northwood, CEO of the Visual Media Association echoed the thoughts of the entire print industry, she said, “It is a disgrace that hackers can try and do this to businesses.”

In response to the attempt the VMA is urging all members to remain highly vigilant, to review and update their cyber security policies, and to ensure incident response protocols are current, and robust. The VMA said any print businesses that had not reviewed their cyber security in the last six months needs to do so.

Northwood said, “Cyber security is no longer a backroom IT issue. It’s a whole-of-business risk management imperative. As an industry that manages large data files, proprietary creative assets, intellectual property and essential customer communications, we must take the threat of cyber-attacks seriously and act pre-emptively.

“From our small businesses to our largest production houses, cyber threats do not discriminate. Every business, regardless of size or structure, must have appropriate protection measures in place. Prevention is the best line of defence, and preparation is critical.”

The VMA also highlighted that the consequences of cyber breaches extend far beyond data loss. It said downtime, reputational damage, financial penalties, and legal liabilities are real risks businesses face without adequate safeguards.

The attempted hacks this week highlight the lurking danger to print businesses from cyber criminals. However, there are steps any print business can take to minimise the threat. Print businesses will also do well to know the steps they should be taking if they are hacked by criminals.

The VMA has re-released resources as a reminder and to assist members in strengthening their digital resilience. These include checklists for essential safeguards, guidance on employee training to recognise phishing scams and ransomware threats, and templates for cyber incident response plans.

Additionally, the Association is calling on suppliers and partners to review their digital security protocols to ensure end-to-end supply chain security.

Northwood added, “If you haven’t reviewed your cyber security policies in the past six months, now is the time. And if you’re unsure where to begin, contact the Association – we are here to help. We have the tools and expertise to guide members through securing their systems and educating their teams as well as information to assist members in their knowledge of mandatory reporting requirements.”

As the industry increasingly relies on digital technologies and remote access systems, the attack surface for cyber criminals has expanded. With the evolving complexity of threats, such as targeted ransomware campaigns and supply chain infiltrations, the VMA is calling for a sector-wide commitment to uplift digital defences.

“Cyber security is a shared responsibility across the industry. A breach in one part of the chain can compromise the integrity of the whole. By working together, sharing knowledge, and staying alert, we can create a resilient and secure industry landscape,” said Northwood.

Print21 published a feature on cyber security for printers two years ago, to assist print businesses in preparing their companies against cyber attacks, click here to access the article.

Sarcoma is likely based in Eastern Europe. It was reportedly the group behind another ransomware attack last month on a New Zealand tool retailer. The ToolShed didn’t pay the ransom, and the stolen data was then leaked onto the dark web. Sarcoma is thought to be deliberately targeting businesses in Australia and New Zealand.