Ethical
Hacking is Attacking Faxing?
Cyber
security experts from Check Point exposed what some believe to be an Achilles
heel for the secure T.30 fax protocol. Hyperbole is popping up on the
internet quickly. The news was recently disclosed publicly August
12 at "DEFCON 26,” a hacking conference. This comes after HP reportedly offered ethical
hackers $10,000 if they could find any issues with their devices.
In layman's
terms, the research concluded that vulnerabilities exist with color
fax files - they don't "look" like a standard fax TIF
and their payload is accepted, unchecked. When the payload is "opened,"
the MFP passes through malware that was embedded in the fax file, and the
network becomes exposed.
Several fax
vendors have been quick to post their own statements about this over the last
few days. It is important to note
that some vendors are asserting the fax protocol itself is not to blame and
remains secure; that the HP devices are responsible for the vulnerability. This
is contrary to what Check Point suggested in their presentation.
The Check
Point analysts claim that their research and "hack" were tested solely on
HP Office Jet All-in-One devices. However, they say the impacts of this,
if confirmed and validated further, could be far reaching. "We
strongly believe that similar vulnerabilities apply to other fax vendors too as
this research concerns the fax communication protocols in general."
Check it out
for yourself, here: https://research.checkpoint.com/sending-fax-back-to-the-dark-ages/
And HP's original invite:
And HP's original invite:
Find out more about the impact
MFPs have in the future of fax in the upcoming Fax2020 Market Report. www.Fax2020.com
