Fax protocol vulnerability lets malware be sent over phone line: Report

Using fax for business communications in North America is increasingly disappearing, but it’s still important in some sectors — particularly healthcare and legal.  Which is why a warning by Check Point Software of a fax machine protocol vulnerability that could lead to network infiltration needs to be heeded.

In a blog this week the company said all an attacker needs to do is send a malicious file over the phone line of a fax machine (including faxes that are part of all-in-one printers).

“The crucial element to notice is that whereas most attacks today penetrate through an Internet connection to enter an organization’s network, using this vulnerability in the fax protocol even a network that is completely detached would be vulnerable,” says the vendor. “This is due to the attack being channeled through a route that until now was considered to be secure and need not have protection layers applied.”

In addition to getting into a corporate network an attacker could tamper with a fax itself or steal sensitive data in a fax, says the blog. Check Point proved the validity of the concept, which it dubs Faxploit, by testing it on an HP Officejet machine. Hewlett Packard has already issued a patch for dozens of models.

Infosec teams should check with makers of devices that have fax capability in their organizations to see how they are handling this vulnerability. Network segmentation is one defence. If there are all-in-one devices in your environment but the fax capability isn’t being used then it shouldn’t be connected to a phone line.

For its test Check Point built an attack using the Eternal Blue and Double Pulsar Windows exploits squeezed into a JPG file. This video explains how it was done.

According to Check Point there are currently around 46.3 million fax machines still in use around the world, with 17 million of them in the U.S. alone.

“Maintaining a frequent patching schedule and segmentation infrastructure, along with a high level of IT hygiene in general, is essential for protecting your data from potential attacks, from wherever they may come,” says the vendor.

Check Point has a detailed description of the attack techniques here.

Would you recommend this article?

Share

Thanks for taking the time to let us know what you think of this article!
We'd love to hear your opinion about this or any other story you read in our publication.


Jim Love, Chief Content Officer, IT World Canada

Featured Download

Howard Solomon
Howard Solomon
Currently a freelance writer, I'm the former editor of ITWorldCanada.com and Computing Canada. An IT journalist since 1997, I've written for several of ITWC's sister publications including ITBusiness.ca and Computer Dealer News. Before that I was a staff reporter at the Calgary Herald and the Brampton (Ont.) Daily Times. I can be reached at hsolomon [@] soloreporter.com

Featured Articles

Cybersecurity in 2024: Priorities and challenges for Canadian organizations 

By Derek Manky As predictions for 2024 point to the continued expansion...

Survey shows generative AI is a top priority for Canadian corporate leaders.

Leaders are devoting significant budget to generative AI for 2024 Canadian corporate...

Related Tech News

Tech Jobs

Our experienced team of journalists and bloggers bring you engaging in-depth interviews, videos and content targeted to IT professionals and line-of-business executives.

Tech Companies Hiring Right Now