Telecom Blog

Why using fax machines for communications is a problem

1 Jul 2019

The deadly fax machine

Fax machines are a major security risk, but despite this it is estimated that there are 45 million fax machines still in use by businesses across the globe, especially popular in the medical sector where data is often sensitive.

What’s wrong with fax machines?

Cyber security firms have discovered vulnerabilities in the communication protocols used in the tens of millions of fax devices still in use, leaving organisations and individuals exposed to hacking.

The vulnerabilities found related to the communication protocols in the HP Officejet Pro All-in-One fax printers. These same protocols are also used in many other fax and multifunction printers, so even if it’s not a HP machine, the fax device you’re using could still be vulnerable.

According to the research, if an attacker obtained an organisation’s fax number, typically found on a corporate website, they could send a specially created image file by fax to the machine. Taking advantage of the communication vulnerabilities, the attacker could enable malware, including ransomware like the WannaCry and NotPetya attacks from 2018.

Once the malware is in a company’s system, it could then potentially breach sensitive data or cause disruption by spreading across the networks that the fax machine is connected to.

“Many companies may not even be aware they still have a fax machine connected to their network, but fax capability is built into many multifunction office and home printers, said Yaniv Balmas, group manager of security research at UK security firm Check Point.

“This research shows how these overlooked devices can be targeted by criminals and used to take over networks to breach data or disrupt operations.”

What can you do to protect yourself from a fax machine attack?

HP, has developed a software patch for its combined fax printers, and is available on its website. Anybody using another fax brand should check the manufacturers site for available firmware and apply them.

It is also good practice to place your fax on a secure network segment separated from applications and servers that may carry sensitive information. By doing this, you limit the ability of malware to spread across the network.

At Comsource we’d recommend ditching the fax machine altogether and moving to a virtual fax service that increases security and simplifies office life by directing all incoming faxes to your email account.


Also Read

  • SHDSL might be your speed solution until NBN arrives
    Increasingly Australian businesses are moving to cloud based software solutions. Comsource Business Grade Ethernet solutions can significantly increase the efficiency of your cloud based software. …
  • Cloud PBX or On-Premise PBX?Cloud PBX or On-Premise PBX?
    Zach from Comsource recently interviewed independent phone technician, TJ, to discuss the differences between a Cloud PBX and an On-Premise PBX, and which is best for small to medium Australian businesses. …
  • How workplaces are adapting in an uncertain worldHow Workplaces are Adapting in an Uncertain World
    As COVID-19 lockdown restrictions begin to relax, how will your workplace adapt in an uncertain world?…
  • Why is the Congo calling me on Melbourne Cup Day?
    A: Phone Hacking. This happens when your company’s phone system is accessed by outsiders who then route overseas calls through your lines – running up international call costs in the process.…