Dubbed the Faxploit, the attack can be carried out using only a fax number, according to a paper Check Point presented at the Defcon hacker event in Las Vegas today.
The team used an HP all-in-one printer fax machines as the test case, and close cooperation with the company ensured a patch for the vulnerability was provided for HP’s products. But similar attacks could apply to other vendors as the vulnerability lies in the fax protocol itself.
Check Point researchers illustrated how organizations of all sizes, as well as consumers, could be exposed to infiltration by hackers looking to exploit vulnerabilities in fax machine communication protocols. The scary thing is that fax numbers, the only thing needed to carry out the attack, are readily available in public on business cards or web sites.
Compared to the past, when fax machines were standalone devices, the machines of today are connected devices that combine fax, printers and photocopiers altogether. Almost every company has them. By exploiting vulnerabilities inherent in the fax protocol, the researchers could gain access to an entire IT network.
Popular online fax services, such as fax2email, are using the same protocol, and that means the same vulnerability may apply to them as well.
The researchers said that if you penetrate a single access point on a network, then you can compromise everything connected to it via “lateral movement.” The attacker hops from one part of the network to the next within seconds. The illustration at the top of the story shows this.
One of the problems is that this means that networks that are not connected to the internet are also vulnerable. Attackers could steal documents, and do other damage too, such as stealing a customer’s account number on a document.
Check Point said there are around 46.3 million fax machines still in use, with 17 million of them in the US alone. Surprisingly, in some
countries, like Japan, there is a particular affinity for the fax machine, with 100 percent of its businesses and 45 percent of private homes still owning a fax machine.
The healthcare industry, for one, governed by HIPAA regulations, is still a big player in sending faxes and the main customer of worldwide fax sales. In addition, the legal Industry argues that fax machines offer legal professionals convenience when sending documents to clients and confirmation that the message was received.
So, while the use of fax machines has in general radically subsided over the last 15 years, due to the rise of email and other electronic communication applications, it is still very much the norm for many industries who consider it a more secure or legally binding form of doing business.
To protect against attack, Check Point recommends segmenting your network, which sadly negates the advantage of networking fax machines and other devices together.
“It is a policy that should be implemented to minimize the level of access to sensitive information for those applications, servers, and people who don’t need it, while enabling access for those that do,” Check Point said. “Once unauthorized access is gained, network segmentation can provide effective measures to mitigate the next stage of intrusion into a network and limit the spread of the attack by lateral movement across it.”
It also suggests you regularly patch your fax devices.