Malicious fax leaves firms open to attack

Check Point

Trapped the image data sent by fax, it can allow malicious hackers to sneak into corporate networks, security researchers have found.

Given that many of the companies use fax machines that are also printers and copiers, which often have a connection to the internal network.

The malicious images to exploit the protocols established in the 1980s that define the format of the fax messages.

The research was presented at the Def con hacker conference in Las Vegas.

The two researchers, said that millions of companies could be at risk due to it currently, did little to ensure the fax lines.
There is No security

“Fax has no security measures built in to absolutely nothing,” the security researcher Yaniv Balmas, Check Point software, told the BBC.

Mr Balmas discovered security holes in the protocols of fax with the help of his colleague Eyal Itkin and said that they were “surprised” by the extent to which the fax is still used.

“There seems to be a large number of organizations, government agencies, banks and others that are still using fax,” said Mr. Balmas.

He added that there were historical and legal reasons that the aging of the technology is still very frequent.

“Fax is still considered as visual evidence in court, but an email is not,” he said. “That’s why some government agencies require you to send a fax”.

England’s NHS is known for being a great user of fax machines. About 9,000 of them were found recently to be still in use in the service.

To gain control of the machine that is responsible for faxes, copying and printing can give attackers a foothold into a vulnerable network. You could use this access to explore and attack to the larger organization, the Lord said Balmas.

The weakness arises in protocols that define the shape of the data that compose the fax messages must be prepared.

“The protocols that we use for fax became standard in the 1980s and have not been changed since then,” Mr Balmas, he said.

Getty Images

This weakness we are going to the couple of the elaboration of an image that harbored a malicious payload.

For your test case, the load is used a software exploit known as Eternal Blue, who was behind the massive WannaCry attack last year.

The fax protocols were poorly drafted, which had led to the person to be interpreted in different ways by different manufacturers, the Lord said Balmas.

And this had contributed to the vulnerabilities in the fax system.

In particular, the researchers found problems with the way in which the protocols were used in some multi-purpose HP printers that are widely used in the business world.

HP has published a patch for its printers, which will close the gaps found by the pair.

But, said the Lord Balmas, because the fax numbers were very widely shared, that could be an easy place to find attack route for hackers who attacked different machines.

So far, there is no evidence that the hackers are using the trap of images to penetrate into otherwise well-defended networks.