Beware the fax machine: some hackers target old gadgets


  • TECH
  • Monday, 13 Aug 2018

Many machines are too old to even update. That means it will be difficult for companies to stop hackers from entering their system.

What could be less threatening than the old office fax machine? Nothing. That’s precisely why it’s used as a backdoor for hackers to get into an organisation’s network.

Check Point, a cyber security firm in Israel, said that their research discovered security flaws in tens of millions of fax machines.

The hack works by sending an image file through the phone line – or a file that the fax machine thinks is an image file – and that is coded to contain malicious software. When a company receives the photo, the image is decoded and uploaded into the fax-printer’s memory, allowing the hackers to take over the device and spreading the malicious code through the network.

“Many companies may not even be aware they have a fax machine connected to their network, but fax capability is built into many multifunction office and home printers,” said Yaniv Balmas, group manager of security research at Check Point.

The researchers focused on Hewlett Packard’s OfficeJet Pro all-in-one fax printers – the global market leader for fax machines. Hewlett Packard quickly fixed the issue – a patch is available on their support page – but the same vulnerabilities are present in most fax machines, including those by Canon and Epson.

Many machines are too old to even update. That means it will be difficult for companies to stop hackers from entering their system.

Globally, businesses use an estimated 45 million fax machines. Faxes are still widely used in healthcare, banking, and law, sectors in which highly sensitive data is stored. In the US medical sector, 75% of all communications are sent by fax.

To prevent organisations’ networks from becoming compromised, experts recommend that companies check if their fax machines can be updated, or place fax devices on a secure network that is separate from the networks that carry sensitive information. — AP

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3
Subscribe now to our Premium Plan for an ad-free and unlimited reading experience!
   

Next In Tech News

India plans federal oversight of all real-money online games-sources, document
Could EV charging stations become targets?
Opinion: Musk's Twitter won't die. Look at Telegram
Amazon to restart advertising on Twitter - Platfomer reporter
Search for answers in US triple killing to focus on murky world of online predators
Opinion: San Francisco's self-cleaning public toilets make me scared for the future
Review: 'Gotham Knights' has some bright spots, but doesn’t carry torch to 'Arkham' video game legacy
Musk says 'possible' that Twitter gave preference to leftists during Brazil election
Crypto broker Genesis owes Gemini's customers $900 million, Financial Times reports
The first SMS was sent 30 years ago. When will the last one be?

Others Also Read