Criminals Can Compromise Company Networks by Sending Malicious Faxes
Check Point has revealed details about the two critical remote code execution vulnerabilities (CVE-2018-5924, CVE-2018-5925) it discovered in the communication protocols used in tens of millions of fax devices globally.
A fax number is all an attacker needs to exploit the flaws, and potentially seize control of a company or home network.
The Check Point research demonstrated the vulnerabilities in the popular HP Officejet Pro All-in-One fax printers.
The same protocols are also used by many other vendors’ faxes and multifunction printers, and in online fax services such as fax2email, so it is likely that these are also vulnerable to attack by the same method.
Usually seen as outdated technology, there are over 45 million fax machines in use in businesses globally, with 17 billion faxes sent every year.
It is still widely used in several Industry sectors such as healthcare, legal, banking and real estate, where organizations store and process vast amounts of highly sensitive personal data. The UK’s National Health Service alone has over 9,000 fax machines in regular use for sending patient data. In many countries, emails are not considered as evidence in courts of law, so fax is used when handling certain business and legal processes. Nearly half of all laser printers sold in Europe are multifunction devices with fax capability.
Once an attacker obtains an organization’s fax number (which is easily obtainable from corporate websites), the attacker sends a specially created image file by fax to the target. The vulnerabilities enable malware (such as ransomware, crypto-miners or spyware) to be coded into the image file, which the fax machine decodes and uploads to its memory. The malware can then potentially breach sensitive data or cause disruption by spreading across any networks to which the fax machine is connected.
To minimize the security risk, Check Point advises that organizations check for available firmware updates for their fax devices and apply them.
“We worked closely with HP to fix the vulnerability and, following the process of responsible disclosure, they managed to release a patch before this publication. In fact, if your device is already configured to auto-update then the patch has likely already been applied. This patch, however, only applies to HP all-in-one printers and the vulnerability may well still apply to devices from other manufacturers as well,” the researchers noted.
Businesses are also urged to place fax devices on a secure network segment separated from applications and servers that carry sensitive information.
“Once unauthorized access is gained, network segmentation can provide effective measures to mitigate the next stage of intrusion into a network and limit the spread of the attack by lateral movement across it,” they explained.
The good news is that there’s no indication that the vulnerabilities are being exploited in the wild.
“Many companies may not even be aware they have a fax machine connected to their network, but fax capability is built into many multifunction office and home printers,” said Yaniv Balmas, Group Manager, Security Research at Check Point. “This groundbreaking research shows how these overlooked devices can be targeted by criminals and used to take over networks to breach data or disrupt operations.
- M&E Project Manager
- £35,000 - £65,000 + Bonus + Benefits
M&E Project Manager with a Data centre / Construction / Mission Crticial background is needed in London area to join a leading Data Centre business. The M&E Project Manager MUST have experience working in data centre or mission critical project environments for a minimum of 2 years The M&E Project Manager will be responsible for planning, controlling and coordinating the delivery of various construction and business as usual projects. Ensuring work keeps to deadlines and within cost parameters. You will be responsible for overseeing projects worth over £5 million from start to finish, managing suppliers and contractors. This is an excellent opportunity for someone looking to build a career working for an internationally recoginised brand who truely belive in staff development and progression. Reference Number: PG7448
- Marketing Specialist
- £35k - £37k + Bonus + Excellent Benefits
My client, a leading name in the IT industry, are seeking a Marketing Specialist to join their team. This is an excellent role for someone looking to develop themselves in a diverse role with resposnbilites and authority with the real chance to make change and have an effect on a global business. Required Experience: 5+ Years in Marketing + Public Relations Experience organising and running campaigns and events. Content Creation - Social Media, Website and Blogs Email Campaigns A degree in Marketing, Business admin or related subject Marketing qualification, ideally CIM. IT / Telecoms Background prefered but not essential. Reference: PG7447
- ServiceNow Administrator (Contract)
- £350 Per Day
We are currently working on behalf of a London based service provider who are on the look out for a ServiceNow Administrator for a 6 month initial contract The ServiceNow Administrator will be responsible for supporting, configuring, scripting & integrating the ServiceNow ITSM (IT Service Management) tool. Requirements Current ServiceNow ITSM (IT Service Management) experience is a MUST Current experience within an IT service provider A Certified ServiceNow System Administrator certification isn’t a must be extremely beneficial Day Rate: £350 Per Day Reference Number: BD7439a
- Cyber Security Sales
- £120,000 – £140,000 OTE
£120k - £140k OTE Sales Account Management / New Business in the London / Reading area. This opportunity comes with existing accounts with internal sales support. MUST have the ability to develop New business as well as help existing accounts. Experience selling Solution and Managed service experience preferred e.g. Check Point, Palo Alto, F5, etc. Must be UK based and ideally able to achieve SC clearance DCL Search & Selection Exclusive and looking to hire ASAP. Contact me for more info 07884666351 / chris.holt@DCLSearch.com Reference Number: CH7444