A report has suggested that employees from industrial environments may be leaking data through their pagers. For those industries still using such technology to communicate with their employees, this is not good news, and the report details how unsecure pager devices really are.
Pagers – wireless telecommunication devices that receive and display messages and voice messages – are practically a thing of the past now, but if they’re still in use, the risks need to be addressed.
Since pager messages are not usually encrypted, attackers could view messages sent to pager devices from afar. Attackers may only need to know a little about the software-defined radio (SDR) and have a dongle to try and intercept messages. Pagers are really, let’s face it, out-of-date since the 1990s following the growth of mobile phones and the internet. It’s often the case that outdated devices suffer from increased vulnerabilities.
Pagers still used in many industries
Despite the risks, pagers continue to be used in many industries. They are still used for things like ensuring employees receive critical updates or perhaps alarms when they’re away from their more-modern devices, or where connectivity to satellites etc is low. Mobile phones require a signal, which can’t be guaranteed all the time; perhaps in an underground industry.
Some healthcare professionals still rely on out-of-date pagers as they don’t want to take a perceived risk on new devices, or invest in new technology. However, there could be a greater risk of not investing in new technologies, especially in the healthcare industry as there are millions of patient records that require safe protection. Some argue that pagers are far more reliable as a defence for their continuing use, but the security aspect of using such ‘archaic’ devices is questionable.
What is the issue with pagers?
Pager systems don’t usually use encrypted methods of sending data. Researchers in the field found that data being passed between pagers could easily be intercepted with a dongle. The potential abuse of this system could be far greater with sensitive data passed from pager to pager. Malicious hackers could access such a system easily, putting data at risk.
The damage that could be caused from using pagers in relation to nuclear power plants can be deemed as high. If an outsider intercepted information being sent from one pager to another, the hacked information could be used for an attack.
Trend Micro, leaders in internet content security software, commented that they received information for a plant as to when redundant systems went offline, when pumps slowed down, leaks and other medical emergencies.
There may be many risks associated with the continuing use of an out-of-date messaging system like pager devices, so if industries wish to continue using such systems, they must do more to secure their data. Experts recommend that industries and companies who use pagers should invest in encryption and data authentication methods.