In an age of instant communication over the internet, the fax machine is seen as an archaic piece of technology. But it could potentially prove to be a gold mine for hackers looking to steal company secrets.
Check Point Software Technologies said that fax machines — which still reside in many offices — have serious security flaws. Those vulnerabilities could potentially allow an attacker to steal sensitive files through a company’s network using just a phone line and a fax number.
In a report released on Sunday, Check Point researchers showed how they were able to exploit security flaws present in a Hewlett Packard all-in-one printer. Standalone fax machines are a rarity in companies today, but the fax function is still present in commonplace all-in-one printers.
They faxed over lines of malicious code disguised as an image file to the printer, relying on the fact that no one usually checks the contents received over a fax. The file was decoded and stored in the printer’s memory, which allowed the researchers to take over the machine. From there, they were able to infiltrate the entire computer network to which the printer was connected.
Today, companies invest heavily to fortify their networks using the latest technologies available. Security firms such as U.K.-based Darktrace believe that artificial intelligence is key to tackling cyber threats. But most of that effort is concentrated in parts of the network that hold the most sensitive files, leaving less important areas — like the all-in-one printers — more vulnerable to attacks.