How Fax Machines Today Can Still Allow Cyber Attacks

How Fax Machines Today Can Still Allow Cyber Attacks

In August of 2018, a group of researchers at Check Point Research successfully breached a system of computers through a vulnerability in a Hewlett Packard printer and fax machine. The team sent a fax containing malware disguised as an image to the machine, which stored the document, and gave the researchers access to all the computers on the network.

Some companies that have all-in-one printers, but do not use the fax feature may believe that they have nothing to worry about. But the fact that no one monitors incoming faxes means that malicious documents will likely pass through undetected. While HP has patched the vulnerability, other brands may still be suffering the same issue.

This revelation reopened the conversation of whether fax machines are secure forms of communication for healthcare providers. In spite of being considered outdated technology, an estimated 45 million printer-fax machines are still being used globally, with the National Health Service (NHS) in the UK using about 9,000 of them.

What is worrying is that according to Yaniv Balmas, a Check Point researcher, the security applied to fax machines was "standardised in the 1980s and has not been changed since". Consequently, he believes that fax has virtually no security measures.

Accordingly, researchers recommend that companies update their fax machines where possible or replace them completely. They could also separate their computer networks into sub-networks and keep their important data disconnected from fax machines.

Seema Verma, the head of Centers for Medicare and Medicaid Services (CMS), said government agencies in the U.S. are working towards making healthcare entities "fax free zones by 2020." The CMS aims to work with other agencies to develop a system that ensures an easy flow of health information between patients, healthcare providers and payers.

CMS is currently searching for suitable candidates who can make this possible. The expected final result is that developers can build a user-friendly application that allows Medicare recipients to integrate the data and healthcare services that they trust into one application.

Client Success

  • 50% reduction in time to deploy Giva's change, incident, problem, asset management and knowledgebase modules
  • 60% reduction in the 5 year Total Cost of Ownership (TCO)
  • Saved at least 1 FTE due to lower ongoing administration
  • Saved 1 week per month due to easy to use reports
  • Increased to 90% achievement in meeting service level agreements
  • 70% reduction in generating reports and admin; eliminated 35 hours/month
  • 50% faster to create/assign a service request
  • 60% increase in information captured during the initial phone call
  • 50% increase in the number of service requests created due to intuitive design
  • 80% increase in productivity by using Giva's dashboards and reports
  • 60% increase in meeting service level agreements
  • 45% increase in the number of the calls logged due to Giva's intuitiveness and ease of use
  • 50% increase in productivity by using Giva's integrated custom forms