The ‘Leaking Beeps’ report shines a light on how employees from industrial environments are leaking data through their pagers.
For those industries still using pager technology to communicate with their employees, this may be very bad news to them. The report details how unsecure pagers are, and in this day and age, any cyber security flaw is always a real concern.
A pager is a wireless telecommunication device that receives and displays messages and voice messages. Since pager messages are not usually encrypted, attackers can view pager messages even from afar.
Attackers only need to know a little about the software-defined radio (SDR) and own a dongle, which typically costs £30. Pagers have however been slightly out-of-date since the 1990s with the growth of mobile phones, but they are by no means obsolete.
Still used in many industries
However, they continue to be used in many trades. Pagers allow employees to get critical updates – including alarms – even when there is no cellular network. The same cannot be said for mobile phones as this requires a signal, which can’t be guaranteed 100% of the time.
Many industries like healthcare rely on out-of-date pagers as they may not want to take a risk or invest in new technology. However, not investing in new technologies could be a greater risk, especially in the healthcare industry as there are millions of patient records that require safe protection. Some argue that pagers are far more reliable as a defence for their continuing use. However, the security aspect of using such dated devices is questionable.
What is the issue with pagers?
As mentioned above, pager systems do not use encrypted methods of sending data. Encryption essentially translates messages into code to stop hackers from gaining information. Researchers found that the data being passed around could easily be intercepted with a dongle. The potential abuse of this system is far greater with non-encrypted data passed from pager to pager. Malicious hackers could access the system very easily.
The damage that could be caused from using pagers in relation to nuclear power plants is high. If an outsider intercepted the information being sent from one pager to another, the received information could be used for an attack.
Trend Micro, who are leaders in internet content security software, commented on the fact that they received information as to when the redundant systems went offline, when pumps slowed down, leaks, and other medical emergencies. This information could enable an attacker to pose as a medical or mechanical staff.
There are a number of cases to support the fact that pagers are not safe, in recent news, a defence contractor leaked nearly 1,400 emails and addresses from their accounts. This information could give employees a false sense of security that they are dealing with someone with authority, as they would hold some information about them already. This could potentially trick employees into surrendering more data.
If pagers are still used in the industry…
As you can see there are many risks associated with the continuing use of the pagers, but if industries still wish to continue to use this system, they must do more to secure their data. Trend Micro recommends that industries and companies who use the pagers should invest in encryption and data authentication.
IMPORTANT: advice on this page is intended to be up-to-date for the 'first published date'.
Request a call back from our team
Fill out our quick call back form below and we'll contact you when you're ready to talk to us.
All fields marked with an * are required.