Fax machines. The word "fax" is short for "facsimile", from the Latin fac simile meaning "make alike".
Like the word's Latin roots, fax machines are outdated, obsolete, and are an ill-advised means of important communications.
In fact, the fax machine as we know it today was first patented by Alexander Bain on May 27, 1843, with his "Electric Printing Telegraph". Little did Alexander realize the Pandora's Box he opened of paper, toner, dropped communications, and now, severe security vulnerabilities threatening practices' abilities to protect confidential patient information.
Let's back up.
Fax machines have long been a staple of practice to practice communication. Faxes are used by practices to send referrals, progress notes, and patient demographics, as well as a host of other items. Faxes are the gold standard of communication in healthcare, and have been for decades.
Despite seeming like a rather obsolete tech to outsiders, there are still around 17 billion faxes sent annually.
The Faxploit ☠️
Recently, however, security researchers published a groundbreaking method for not only hacking fax machines, but using the hacked fax machines to infiltrate and hack all the computers on the same network as the hacked fax machine.
This is very, very bad news.
But this isn't the worst part.
Most alarming is that this class of vulnerability has existed for decades, and has remained latent-- an unnoticed, but unlocked, backdoor.
All that's required to exploit this backdoor into your practice is a fax number and a phone line. Then it's Game Over.
The researchers from CheckPoint that published this showstopping vulnerability, Eyal Itkin and Yaniv Balmas, explained at DefCon:
Using nothing but a phone line, we were able to send a fax that could take full control over the printer, and later spread our payload inside the computer network accessible to the printer.
So What Now?
First and foremost- "lock the door." The exploit was tested on an HP Officejet Pro 6830; however the exploit is similarly applicable to all fax machines as the vulnerability is in the fax communication protocols. Even online fax services are vulnerable to similar attacks.
HP quickly developed and released a software patch, and other vendors have likely followed suit.
So first things first, update your fax machine software.
A Better Option
It might be time to break up with the fax machine. It will take a long time for the healthcare industry to fully break from its long and complicated relationship with faxes, but there are now better alternatives for many use cases.
Namely, you can receive referrals and all their associated documentation/charts/files online with Preferral.
Never again will you miss a referral because it got lost in the grand fax void, or fell off the machine tray, or any of the 100 different ways communication via fax breaks down.
Further, referring practices love having an easier alternative to sending faxes, which you can provide them with an easy, low friction online referral form, powered by Preferral.
Signup couldn't be easier-- there's nothing to install. Just submit the simple signup form for a free trial.
Get started with Preferral today to break away from the ancient and vulnerable fac simile machine, and watch your practice grow as a result.