This post is also available in: עברית (Hebrew)
A ground-breaking research dubbed Faxploit, conducted by CheckPoint, unfolds the shocking dangers of the seemingly simple and technologically innocent fax machine. The daunting news is that your fax number is literally enough for a hacker to gain complete control over the rest of the network connected to it.
According to checkpoint.com since most fax machines are today integrated into all-in-one printers, connected to a WiFi network and PSTN phone line, a remote attacker can simply send a specially-crafted image file via fax to exploit the reported vulnerabilities and seize control of an enterprise or home network. All of these done with the hacker simply using a fax number, which could be found easily while briefly browsing the web.
To demonstrate the attack, CheckPoint Malware Research Team Lead Yaniv Balmas and security researcher Eyal Itkin used the popular HP Officejet Pro All-in-One fax printers.
The researchers send an image file loaded with malicious payload through the phone line, and as soon as the fax machine receives it, the image is decoded and uploaded into the fax-printer’s memory.
“Using nothing but a phone line, we were able to send a fax that could take full control over the printer, and later spread our payload inside the computer network accessible to the printer,” the researcher said in a detailed blog post published recently. “We believe that this security risk should be given special attention by the community, changing the way that modern network architectures treat network printers and fax machines.”
So what could we do to protect our network from being fax-ploited?
Network segmentation is a key security strategy that aims at closing gaps in your network. It is a policy that should be implemented to minimize the level of access to sensitive information for those applications, servers, and people who don’t need it, while enabling access for those that do. So, if you do not want to disconnect your printer-fax machine then at least make sure it is placed in a segmented area. By doing this, even if it does become compromised the attacker will not be able move laterally and infect other parts of your IT network.
The Faxploit vulnerability also illustrates how important it is for organizations and consumers alike to regularly update and patch the software installed on their devices. In this way they will gain the protections provided by vendors that become aware of security flaws in their products.
In conclusion, the ‘Faxploit’ research into the vulnerabilities found in fax machine protocols a technology that many would mistakenly consider to be risk-free, proves once again how organizations and consumers alike cannot overlook any part of their corporate or home network. In fact, while our world becomes more connected through IoT devices, the cloud and mobile platforms, there still remain simpler technologies which can allow potential hackers to infiltrate IT networks and provide unauthorized access to sensitive information.