At this year’s DEF CON cyber security event, security researchers demonstrated that by using a telephone line they could send a fax that would enable them to access and gain complete control of the recipient’s fax machine and any connected network.
Are ALL fax machines vulnerable? If a fax machine can connect to your network through an Ethernet or Wi-Fi connection, it is potentially vulnerable. Notice that I said “can connect” - your connectable fax machine can still be owned by the hackers without being connected to a network. Anything you send and receive on it could potentially fall into the hands of the attackers through the outbound use of the phone line.
While this one demonstration exploited an HP All-In-One printer/scanner/fax machine, this type of attack could theoretically be used against network-connected fax machines from any manufacturer. HP has already supplied a patch to close this one vulnerability, but how many people have not applied the patch? How many other potential vulnerabilities exist like this one? From the research, it appears that this will continue to be a cat-and-mouse game of finding and closing loopholes, just as it is with PCs and other devices and software.
So how do you protect yourself and your network? The first step is to add your fax machines to your cyber security risk assessment. Here are some other things to consider:
- Are fax machines included on your IT asset list and part of your IT network diagram?
- Assess the type of information you receive by fax. Can it be changed to email?
- Does the fax machine need Wi-Fi or Ethernet connectivity?
- Can you implement a cloud or hosted fax solution to mitigate risk?
- Can you isolate it to its own subnet/VLAN to keep the potential impact low?
- Can you implement IDS/IPS/SIEM or some other type of Managed Detection and Response?
If fax machines require network connectivity, and you must have them on your LAN, we strongly recommend that you put them on a segregated VLAN, with a firewall between them and the rest of your network. This type of network segmentation is a strategy that can help you reduce risks without dramatically changing current business processes for end users.
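One way to check that this segmentation is actually holding is to audit firewall flow records for connections initiated from the fax VLAN. The following is an added example, not code from the original article or any vendor tool; the VLAN range, the single permitted scan-to-email flow, and the log format are assumptions, and the sample records are constructed.

```python
import ipaddress

# Assumed addressing (not from the article): fax/MFP devices sit in their own VLAN.
FAX_VLAN = ipaddress.ip_network("10.20.30.0/28")
LAN = ipaddress.ip_network("10.0.0.0/8")
# Assumed policy: the only flow allowed out of the fax VLAN is scan-to-email
# from the devices to one internal mail relay on TCP 25.
ALLOWED_FROM_FAX = {(ipaddress.ip_address("10.0.5.25"), 25)}

# Constructed records, one per connection, src = initiator:
# "timestamp src_ip src_port dst_ip dst_port proto action"
SAMPLE_FLOWS = """\
2024-01-01T09:00:01Z 10.0.1.50 51514 10.20.30.5 9100 tcp allow
2024-01-01T09:02:10Z 10.20.30.5 40112 10.0.5.25 25 tcp allow
2024-01-01T09:05:33Z 10.20.30.5 40977 10.0.1.10 445 tcp deny
2024-01-01T09:05:40Z 10.20.30.5 40981 10.0.1.11 445 tcp allow
2024-01-01T09:07:02Z 10.20.30.5 41500 203.0.113.9 443 tcp allow
not a flow record
"""

def audit_flows(text):
    """Return findings for flows initiated by fax-VLAN hosts that violate policy."""
    findings = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 7:
            continue  # skip malformed lines instead of aborting the audit
        ts, src, _sport, dst, dport, proto, action = fields
        try:
            src_ip, dst_ip = ipaddress.ip_address(src), ipaddress.ip_address(dst)
            dport = int(dport)
        except ValueError:
            continue
        # Only flows that start in the fax VLAN and are not on the allow list matter.
        if src_ip not in FAX_VLAN or (dst_ip, dport) in ALLOWED_FROM_FAX:
            continue
        # "allow" means the firewall let it through; "deny" means it held.
        severity = "segmentation-gap" if action == "allow" else "blocked-attempt"
        scope = "internal" if dst_ip in LAN else "external"
        findings.append((ts, severity, scope, f"{src}->{dst}:{dport}/{proto}"))
    return findings

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(*finding)
```

A "blocked-attempt" finding is still worth investigating: a fax machine has no normal reason to initiate connections to file shares, so the attempt itself is a signal even when the firewall stops it.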
If you want a third-party risk assessment, or if you want to implement a solution to prevent these kinds of attacks, we can help. Verteks has a great Managed Detection and Response service with 24/7 alert monitoring and threat hunting services. We can help you get proactive about hunting for and eliminating threats before they can impact you.