While we have been hearing plenty of peculiar reports from the Def Con hacker conference since the time it started, here comes another piece of interesting news. Researchers from CheckPoint Software presented a detailed report at the conference explaining ‘Faxploit’ – a term they coined to refer fax machine exploit for hacking.
Faxploit – Allowing Hackers To Exploit Fax Machines For Massive Hacks
Researchers at CheckPoint Software discovered several vulnerabilities in all-in-one printers that resulted in Faxploit. They presented a detailed report at the Def Con Las Vegas explaining how potential hackers can exploit fax machines to hack entire networks.
The hackers began digging out fax vulnerabilities keeping in view the wide use of fax in the corporate sector. The way that the conventional fax machines were transformed into all-in-one printers which remain in most offices today hint towards either the necessity of this technology even in the present times or alternatively that faxes are not widely or regularly used but remain a forgotten function thought to be redundant and harmless until now.
These printers work over WiFi, Ethernet, and Bluetooth, etc. – that is – communication means vulnerable to hacking. Hence, the researchers set out to find if there is a way to exploit fax for hacking. For this, they used an HP all-in-one printer as the object.
Summarizing their work for the ‘Faxploit’ discovery, the report states,
“Using the HP Officejet Pro 6830 all-in-one printer as a test case, we were able to demonstrate the security risk that lies in a modern implementation of the fax protocol. Using nothing but a phone line, we were able to send a fax that could take full control over the printer, and later spread our payload inside the computer network accessible to the printer.”Allegedly, after discovering the vulnerability, the researchers informed HP about it on May 1, 2018. Then, after continuous collaboration for months between HP and the researchers regarding the flaws, HP patched the vulnerabilities on August 1, 2018. The researchers then disclosed their report publicly at the Def Con 2018.
Is ‘Faxploit’ A Red Alert For Network Security?
The discovery of Faxploit gives a food for thought to the cybersecurity researchers, experts, and analysts. Indeed, such vulnerabilities raise concerns about the present network security status.PC Mag comments on these findings in the following way,
“There are really two issues here. The first is that the fax-enabled machine was able to execute arbitrary code sent to it remotely. There's no reason for this to happen, especially from files sent via fax line. The second more pressing issue is one of device security. When we think about secure networks, we probably think about computers, servers, and maybe phones. Those obviously need to be locked down. But what about the routers, Wi-Fi printers, repeaters, smart light bulbs, and other devices on the same network? If these independent devices are accessible over the internet, then they can become beachheads for the invasion of a secure network.”Certainly, under such circumstances, no one can ever become confident of their cybersecurity levels. Considering the trail of cyber attacks at corporate giants like Adidas, such findings further create a wave of fear.
Max Eddy, Software Analyst at PCMag, while speaking with LHN, commented about this situation,
“Manufacturers and customers need to take a holistic view of their networks and devices. Just because it doesn't have a screen doesn't mean it can't be a target.”He further expressed his concerns about such vulnerabilities affecting various organizations and their consumers.
“The point of research like this is to be a wakeup call for vendors and corporate decision makers. Vendors need to take security seriously and consider that their devices can be used in an attack. The people who decide how to allocate corporate budgets need to listen to their IT people, most of whom understand that any device connected to the network is a potential threat.”
Possible Solutions?
Though HP already released a patch for Faxploit, we never know when such bugs could appear in other devices too. It has the potential to trigger massive cyber attacks at the organizational level that had previously not been thought of. CheckPoint researchers didn’t explain much about how such vulnerabilities can be controlled on larger scales. Nonetheless, Max Eddy shared some quick tips with us over the matter.“One to protect corporate networks is segmentation. Having separate networks for computers, connected devices (like printers and smart devices), and guest access makes it much harder for an attacker or automated malware to spread across a network. Basic security practices, like staying up-to-date on patches and changing default passwords are a must. The best option is to think critically about what devices are allowed on corporate networks and what are not. Does the CEO really need a smart coffee maker, or will a dumb one do?”Interestingly, the present news adds a plus one to the HP printers’ bug related reports. A few days ago, HP patched two critical vulnerabilities that affected 225 HP printer models. Don't forget this all happened right after we heard of the first ever printer bug bounty program by HP.
Let us know your thoughts on this article in the comments section.
Posted from my blog with SteemPress : https://latesthackingnews.com/2018/08/14/faxploit-fax-machines-allow-hackers-take-over-an-entire-network/