Security Vulnerability of Fax Machines

Two check point researchers warned last week that two recently identified fax protocol flaws could turn fax machines into ports of entry for hackers into business networks during a session at the Las Vegas-based DEF CON 26 security conference.

According to the copy of the DEF CON presentation presented by Eyal Itkin and Yaniv Balmas last week, this assault, known as "Faxploit," targets the ITU T.30 fax protocol. 

It doesn't matter whether your practice is large or small, all cybercriminals need is a fax number to exploit a flawed fax protocol. The hacker could be able to take total control of your business or home network thanks to this vulnerability. Furthermore, it is not difficult to locate fax numbers, given that they may still be found on business cards and websites.  

The fax machine may appear old-fashioned to most businesses, but it's still in use in the banking, healthcare, and other regulated sectors. Actually, 17 billion faxes are sent annually, and over 45 million fax machines are still in operation worldwide. 

In this article, we have shared groundbreaking research "Faxploit." Here is what you should know. 

 

What is a Faxploit?

Globally, check point software technologies is a top supplier of cyber security products. For example, check point revealed their findings on a vulnerability they called "Faxploit" at the Defcon hacking conference in Las Vegas. 

The well-known HP OfficeJet Pro All-in-one fax printers served as the test subjects for the check point team's experiment. They discovered several security holes in these fax machines, which they eventually exploited. 

The check point team successfully exploited the flaw, built a backdoor into the network the fax machine was linked to, and then stole the data via the fax. 

 

HP swiftly patched the problem using security software once the check point informed them of the problem. The researchers do caution that other fax machines and multi-function printers also use the same fax protocols as HP OfficeJet Pro all-in-one fax printers. 

 

How Does a Faxploit Work? 

There are several phases in, Faxploit's works. Here are the steps to be followed:

Step 1- The organization's website or business card provides the cybercriminal with the fax number.

Step 2: A specially produced image file is then faxed to the victim by the cybercriminal. 

Step 3: Fax flaws make it possible for malware to be encoded in the picture file's code, including ransomware, crypto miners, and spyware. 

Step 4: The harmful code is decoded by the fax machine and uploaded to its memory.

Step 5: The malware can then spread across any networks the fax machine is connected to or compromise sensitive data, such as PHI. 

At one point, check point researchers were able to take complete control of the fax machine and transfer malware to an exposed PC. 

Many multi-function healthcare  offices and work-from-home use  printers come with fax capabilities that can be comprised. The study demonstrates how hackers might leverage these underutilized gadgets to hijack networks, compromise data, or interfere with operations.

It’s imperative that healthcare practices must update their fax machines with the most recent fixes and keep them isolated from other devices on their networks in order to safeguard themselves against these potential assaults. It serves as a warning that practices cannot ignore the security of any aspect of their networks in the current, intricate fifth-generation attack scenario.

How to get rid of the fax altogether?

The healthcare sector is infamously out of date. Not only is the industry flooded with fax machines they also continue to utilize pagers, which can also have inherent security weaknesses.

Healthcare practices need to move to the cloud and leverage HIPAA-compliant fax solutions such as Medsender. 

MedSender Logo, no text

Ready to get started with
Medsender?