Hackers may be targeting your fax machine

person with printed documents

Fax machines still pose a glaring risk to businesses’ cybersecurity, according to a presentation at an international hacker’s convention in Las Vegas.

Researchers at DEF CON revealed a host of concerns over the continuing use of faxes in today’s businesses, which don’t come with the same encryption measures as more modern, internet-based technologies.

Speaking to the BBC, one of the researchers, Yaniv Balmas warned that “Fax has no security measures built in – absolutely nothing”.

As fax machines tend to be connected to a company’s internal servers, hackers exploiting the ‘weak point’ in the chain could then gain access to the wider network and other sensitive data. 

All-in-one printers that incorporate scanning, copying and faxing were also noted as vulnerable, while being hugely prevalent across corporate offices. American IT provider HP has now released a patch for its printers, specifically to fix the weaknesses found by Balmas’s research.

More common than you think

Although faxes are becoming increasingly redundant in the face of email and cloud-based storage services, the technology is still widely used in many professional environments. 

This is partially down to the legal status of faxes, which, unlike emails, are accepted as visual evidence in the courtroom, being seen as more reliable or less prone to alteration. 

The UK’s National Health Service – which famously still relies on a wide network of pagers for communication with staff – also has thousands of fax machines still in use, and has been grappling with security concerns after a major cyberattack on the health service last year.

Henry St Leger

Henry is a freelance technology journalist, and former News & Features Editor for TechRadar, where he specialized in home entertainment gadgets such as TVs, projectors, soundbars, and smart speakers. Other bylines include Edge, T3, iMore, GamesRadar, NBC News, Healthline, and The Times.