New research reveals hackers can exploit fax machines with ease

13 Aug 2018

Image: FabrikaSimf/Shutterstock

While fax machines may be considered an outdated technology, they are still in use in many industries. New research from Check Point shows this presents a major risk.

Fax machines can hardly be viewed as cutting-edge pieces of equipment, but there are nonetheless an estimated 46.3m active machines in the world. The UK National Health Service was recently criticised by the Royal College of Surgeons for its reliance on the “archaic” device.

Many printers used in offices around the world also have fax capability, as they often serve numerous functions besides spitting out paper documents. With so many machines in use, it presents a large target for cyber-criminals.

A protocol problem with fax machines

Researchers from Check Point have revealed vulnerabilities in the popular HP OfficeJet Pro All-In-One printers. The communication protocols present in these models are also in other brands of fax machine, along with online fax services such as Fax2Email.

How does the bug work?

An attacker only needs to obtain the fax number of an organisation to carry out the attack. They then send a specially created image file to the target via fax.

The vulnerabilities allow hackers to code malware into the image file. Once the machine receives the file, it decodes it and uploads it to its memory. Malware could potentially breach sensitive information or disrupt networks to which the fax machine is connected.

Check Point advises that the organisations check for firmware updates and apply them immediately. IT managers should place the fax machine on a secure network segment separate from servers and apps that carry private or sensitive data.

HP quickly issued a patch when researchers informed it of the flaw.

Yaniv Balmas, group manager of security research at Check Point, said: “It’s critical that organisations protect themselves against these possible attacks by updating their fax machines with the latest patches and separating them from other devices on their networks.

“It’s a powerful reminder that in the current, complex, fifth-generation attack landscape, organisations cannot overlook the security of any part of their corporate networks.”

Ellen Tannam was a journalist with Silicon Republic, covering all manner of business and tech subjects

editorial@siliconrepublic.com