Are you one of the 89 percent of businesses that still use fax to transfer confidential documents or obtain time-sensitive signatures? If so, you’ll want to pay careful attention to the recent news headlines that highlight the surprising vulnerabilities of what many businesses consider to be their most secure device onsite – their fax machines.
At this year’s Def Con, the world’s largest hacking conference, cybersecurity researchers demonstrated an exploit targeting business networks via their fax machines. Using just a fax number – which many businesses list publicly online and on business cards – the would-be hacker was able to connect to the company’s secure network and gain control of the fax machine. Not only does this put all of your fax machine’s historical data at risk, but gaining control of the fax machine also allows the hacker to spread the infection to everything connected to your secure network.
Which Fax Machine Was Hacked?
The fax machine in question was the HP Officejet Pro 6830 all-in-one printer/copier/fax. To its credit, HP has already released a patch, which you can access here. But even if your company uses another model or another product, you could still experience a security threat from hackers who get wind of this vulnerability.
Why are fax machines suddenly a prominent security threat? Fax machine technology hasn’t been updated or changed since it was created in 1985. While that has helped to make the fax machine an easy-to-use industry standard, it also means it hasn’t been upgraded to deal with the large amounts of risk that surround customer and client data, today. It simply doesn’t have any built-in protection from newly-discovered opportunities to exploit its vulnerabilities.
What Can You Do to Protect Your Fax Machine?
Companies that use physical fax machines should look to upgrade their systems or swap them out for cloud-based alternatives, like secure client portals and e-signature services. These alternatives are built with cutting-edge security protocols in mind and are much easier and faster to use when coordinating multiple signatures.
If in the meantime your business needs to continue using its physical fax machine, a tedious but low-tech solution is to disconnect your fax line when not actively sending or expecting a fax. Otherwise, if a hacker targets your company, all it would take for your machine to become compromised is to accept a single image file loaded with malicious content through the phone line.
When the fax machine was invented in the 1980s, it was the fastest and most effective way to transfer official documents from organization to organization without a courier service. But that was almost 40 years ago. Now that better technology is available, it’s time to upgrade your system both to the benefit of your business processes and the security of your client data. If you’re still using a physical fax machine, take this example from Def Con as an official notice that it’s time to update your business processes.