Often overlooked office fax machines pose a huge vulnerability to the cybersecurity of businesses and other organizations, according to a new study.
Many such machines run on decades-old protocols that are easy for hackers to penetrate, says Israel-based software company Check Point’s study.
The study doesn’t focus on any hacks of actual fax machines, but explains how such an attack could occur and how it would work.
{mosads}The process is fairly straightforward for hackers.
Most fax lines are connected to an organization’s larger IT network, so after a cyber intruder makes their way into an insecure fax machine, everything else, regardless of what other cyber protections are in place, can become easy targets.
“From this point, through a process of lateral movement, the attacker would be able to hop from one part of the network to the next infecting a wider portion of it as he progresses,” the researchers write. “Upon such an attack, it would be a matter of seconds before an entire network was compromised and you had an intruder well embedded across your systems.”
Figuring out a way in usually isn’t too hard — most businesses post their fax numbers publicly online, giving hackers a clear entry point.
There are currently 17 million fax machines in the U.S. and 46.3 million worldwide, the report estimates.