Fax machines ripe for hacking, says new study

Often overlooked office fax machines pose a huge vulnerability to the cybersecurity of businesses and other organizations, according to a new study.

Many such machines run on decades-old protocols that are easy for hackers to penetrate, says Israel-based soft­ware com­pany Check Point’s study.

The study doesn’t focus on any hacks of actual fax machines, but explains how such an attack could occur and how it would work.

{mosads}The process is fairly straightforward for hackers.

Most fax lines are connected to an organization’s larger IT network, so after a cyber intruder makes their way into an insecure fax machine, everything else, regardless of what other cyber protections are in place, can become easy targets.

“From this point, through a process of lateral movement, the attacker would be able to hop from one part of the network to the next infecting a wider portion of it as he progresses,” the researchers write. “Upon such an attack, it would be a matter of seconds before an entire network was compromised and you had an intruder well embedded across your systems.”

Figuring out a way in usually isn’t too hard — most businesses post their fax numbers publicly online, giving hackers a clear entry point.

There are currently 17 million fax machines in the U.S. and 46.3 million worldwide, the report estimates.