Office Technology Blog, Tips, & News - SumnerOne

In Case You Missed Us: Faxploit on Tech Talk With KTRS

Written by Jaclyn Sindel | Aug 24, 2018 2:15:00 PM

When was the last time your business used a fax machine? If the answer is recently, this is the Tech Talk for you. Last week, cyber criminals used the faxing technologies of the past to creep their way into present-day multifunction printers through something they are now calling faxploits. Our IT expert, Jeff Groby, joined the Guy Phillips Show on The Big 550 KTRS to talk about faxploits for Tech Talk last week.

What is Faxploit? 

Fax machines have been around for decades, and you can still find them in offices today Medical offices and financial institutions still rely heavily on facsimile technology. Some, not all, modern day multifunction printers still offer faxing capabilities. Because faxing has dwindled in popularity, a flaw in the technology has left the functionality vulnerable to cyber criminals looking to break into your device. While cyber criminals may not be interested in what you are faxing, they are using the vulnerability as a backdoor entry into the rest of your device which carries important data for your business.

Cyber criminals are implementing their attack by sending a malicious image file to an unsuspecting fax machine which is then decoded and uploaded into the device's memory. Once the file has been owned by the machine, criminals can use it as an access point into the device and network. A faxploit cyber attack can come from something as harmless as a criminal getting getting their hands on your fax number.

Mitigating the Risks of Faxploit

Faxing may be becoming less popular, however, some industries still rely on it. Industries like finance and healthcare use faxing for everyday operation. Organizations using fax capabilities are sending and storing sensitive data such as financial information or health records that could now be at risk. No matter the industry, having your faxes compromised can be detrimental for an organization. Jeff came armed with tips on how businesses can work to avoid falling victim to faxploits.

  • Update your Devices - One of the most proactive ways you can protect your business from a cyber attack is to stay up-to-date with the latest device updates. When new updates become available not only do they contain improvements, they also may have patches available to secure your device from new vulnerabilities.
  • Use Email - According to Jeff, faxing is outdated. There are alternatives out there though if you're ready to do away with faxing. Sending documents via email in the form of a PDF is a great, safe, and quick option instead of faxing. If this sounds like something you may be interested in moving to, it might be time to update your prehistoric technology!
  • Segmentation of your Network - Network segmentation is a key strategy in closing the gaps in security on your device. Segmentation helps to cut the level of access to sensitive information for applications, servers, and unauthorized end users, all while keeping access available for those with the proper rights. Once someone or something tries to gain access to an unauthorized area, they're limited to a much smaller portion of your network versus have free reign across your entire network.

Proactive Cyber Security is Important

While faxing might be a little dated, this exploit goes to show that no areas of your business security are safe to be relaxed. Following best practices when it comes to software updates and end-user security education are two smart ways to protect your network and data. Following best practices is a good habit to get into regardless of the age of the technology you are using.

To learn more about securing your network or questions about proactive cyber security, contact our experts at SumnerOne. Thanks for catching up on another week of Tech Talk on The Big 550 KTRS. We will be back in the studio Friday afternoon at 4:20 to chat about SMiShing attacks. Be sure to subscribe to our YouTube channel and check out the full video recap down below.

 

 

 Originally published August 24, 2018, updated February 12, 2019