Fax technology is still prevalent throughout corporations, Government agencies, NHS, banks and other organisations due to historical, legal and logistical reasons. Fax, for example, is still considered as visual evidence in court, whereas an email is not.
The recently discovered vulnerabilities in fax technology can enable fax machines to transform into entry points for hackers into corporate networks. Two Check Point researchers, Itkin and Balmas, say that an attacker can send malformed fax images to a fax machine containing code that exploits these vulnerabilities and then gain remote code execution rights over the targeted device, allowing the hacker to run his own code and take over the machine. From here, they say that an attacker can download and deploy other hacking tools that scan the local network and compromise nearby devices.
As this information is now circulating within the public domain, Apogee have seen a sharp increase from our customer base asking for comment and advice as to how we can assist them in reducing or removing any associated risk within their fleet.
This undoubtedly starts by looking upstream to the hardware vendor, for example, HP have already released patches to a number of models identified as ‘at risk’. With the potential of hundreds, if not thousands of models affected across all manufacturers ranges, it seems unlikely to expect patching alone will solve all cases.
Apogee can offer an alternate solution that not only enables the continued use of fax technology whilst removing risk exposure, but also provides other key benefits such as;
If hackers can gain control of your machine that handles faxing, copying and printing, this can give them a foothold on your entire network, which they could then use as an access point to explore and attack the larger organisation. Get in touch today to find out how Apogee can help secure your fax technology and work towards safeguarding your entire document infrastructure by calling us on 0345 300 9955 or completing our website contact form.