The Trojan Fax

Author:
Publish date:

The fax machine is ancient history. Or so you thought. According to recent studies, there are still 45 million fax machines hooked up globally. And there’s a good probability that you and your business are among the 300 million people with fax numbers.

Which means: Your fax can be hacked.

As reported at Fortune‘s Brainstorm Tech Conference last month, a so-called “Cyber 9/11” could impact American infrastructure like air traffic, power grids, etc. On a smaller but just as critical scale for boat dealers, vulnerabilities via fax numbers could allow hackers to not only steal money from accounts but access a lot more data.

Stay with me. Just because the old, standalone fax machine is no longer around doesn’t make you immune from hacking. That ancient fax has likely been replaced by a popular all-in-one printer connected to a WiFi network and PSTN (regular phone line). It’s the basic service most people have at home and, most likely, in your boat dealership.

Unfortunately, a savvy remote attacker can simply send a specially crafted image file via fax to exploit your printer’s vulnerabilities and literally seize control of your business or home network. According to Check Point Research, a leading cyber threat intelligence provider, the hacker can then access every file in your network. Even information held by others, like your trading accounts or other financial records, could be stolen.

These days, most efforts to keep information safe focus on areas where the most sensitive data is kept, like dealership customer info or financial data. While that makes sense, it also means you’re probably doing nothing about low-tech machines like the all-in-one-printer. That leaves a back door open for hackers to access the same information.

They just dial your fax number, send a few lines of malicious code as an image and voila, they’ve hacked your most sensitive data.

Most dealerships have all-in-one printers with fax function, but with the dominance of email, fax technology is rarely used. That is where Check Point’s personnel were able to exploit vulnerabilities of most offices. No one was checking incoming faxes. Therefore, nobody caught the malicious file.

As the administrator for the Centers for Medicare and Medicaid Services (CMS), Seema Verma oversees one of the largest federal agencies administering vital healthcare programs to over 100 million Americans. Verma recently called for digital health information to replace fax machines in physician’s offices for sending out confidential patient information.

Specifically, Verma said Medicare beneficiaries need to connect their claims data to consumer-friendly applications, services and research programs they can trust. “If I could challenge software developers with a mission, it’s to help make doctors’ offices fax-free zones by 2020,” Verma said.

There’s no doubt cybersecurity is a pressing issue these days, from Russian meddling in elections to that easy-to-remember email password we haven’t changed for years. HP reportedly fixed the vulnerability in the all-in-one printer that Check Point’s researchers tested. But what about all the other brands that aren’t immune to the threat?

Remember, a hacker only needs a fax number to launch a malicious attack that will exploit a flaw in the printer. To make sure it doesn’t happen to your business, I’d recommend you talk with your IT people today. 

Related

Suzuki Powers Forest River’s New Nepallo Pontoon Boats

The new Nepallo line of pontoon boats with Suzuki engines will be sold at select Camping World and Gander RV & Outdoors stores.

West Marine CEO to Keynote Annual MRA Event

With a “Climate for Change” theme, the Marine Recreation Association’s Educational Conference and Trade Show is set for Oct. 11-13.

Skeeter Owner’s Tourney Held on Lake Fork

A field of 2,000 anglers in 1,000 boats saw a nearly 10-pound bass capture first place in the annual Skeeter owner’s tournament.

Email Remains a Vital Marketing Tool for Dealers

A content marketing staple, emails can consistently deliver valuable and relevant information, if done correctly.

ABYC to Publish Largest-Ever Standards Manual

The nonprofit is offering pre-orders until June 18 of its updated standards manual, with a publication date of July 31.

Furuno, Simrad Add SiriusXM Fish Mapping Suite

The subscription-based service offers offshore anglers a suite of technology with which to locate and catch more fish.