Despite their greatly obsolete communications technology, fax machines can still be found in many offices today. Particularly, people still prefer to send faxes in the healthcare industry and in government. Even many all-in-one printers have fax functionality. The surprising ubiquity of devices with fax functionality has encouraged researchers from Check Point Research to study their information security. To that end, researches sent faxes with malicious code–disguised as an image file–to all-in-one printers with fax functionality.
The trick is that this code throws the fax machine "out of whack" and causes a buffer overflow; as a result, the loaded malware can be executed, therefore giving researchers unfettered access to the entire network. The device does not necessarily give people clues as to when these faxes are "received". There are no warning tones either.
The scary revelation: This type of attack can also be used on a great deal of fax machines, since telephone lines, unlike the other data lines, are not protected or monitored by special protection mechanisms.
"This example clearly shows that all possible communication methods must be accounted for and assessed in a security concept. This security concept must be periodically reviewed and–if necessary–revised, since there are always new findings and attack scenarios. Legacy systems (devices and utilized communications protocols) must likewise be continuously checked to determine if they still meet standards", explains Alexander Matheus, Senior Expert of Smart Technologies at the VDE Institute.
As such, the VDE Institute recommends deactivating unused fax machines or the fax function in all-in-one devices. To do so, only the telephone connection needs to be disconnected. If the fax machine cannot be disconnected from the rest of the network, you should by all means wait for updates from the manufacturer and quickly install them.
