IT Systems Connected to Pagers Leak Valuable Data

IT systems connected to pagers leak data that can be highly valuable to malicious actors looking to gather intelligence on the organizations they want to target, Trend Micro warned on Tuesday.

The security firm has been analyzing the security impact of pagers in various industries. After two separate reports detailing the risks posed by these devices in the healthcare industry and industrial environments, the company has now published a third analysis focusing on IT systems.

Pagers are outdated, but they are still used in many organizations in combination with SMS-to-pager and email-to-pager gateways. The problem is that the pager messages, also known as pages, are sent without being encrypted, allowing anyone with the technical know-how and a $20 dongle to intercept the information they contain, even over long distances.

An analysis of pages coming from entities in the United States has shown that these types of communications are still used for a wide range of purposes. In the case of SMS-to-pager gateways, Trend Micro intercepted messages related to 911 emergency services, healthcare, industrial control systems (ICS), spam, and missed calls.

Trend Micro observed SMS-to-pager gateways being used by various services, including unified communications services, healthcare solutions, caller ID lookup systems, and SNMP messaging for operation engineers.

The security firm has seen email-to-pager gateways used for missed call services, server and network monitoring solutions, next-generation intrusion prevention systems, database management systems, and personal communications.

The pages leaked various types of data, including names, phone numbers, addresses, conference call details (e.g. phone numbers and access codes), medical information, IP and web addresses, information on network devices, database details, meetings, parcel shipment data, and alerts describing potential security threats.

This information can be highly useful to malicious actors conducting reconnaissance as it can allow them to gather information on hostnames and network topology, join conference calls, learn about the targeted individual’s schedule and friends, and map interpersonal relationships within an organization.
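Because pages travel unencrypted, one practical control is to strip the data categories listed above from alerts before they are handed to an email-to-pager or SMS-to-pager gateway. The Python sketch below is an added example, not taken from the article or from Trend Micro's report; the regex patterns, the internal-domain suffixes and the sample alert are constructed assumptions.

```python
import re

# Categories follow the article's list of data seen in intercepted pages.
# Patterns and internal-domain suffixes are illustrative assumptions.
PATTERNS = {
    "url": re.compile(r"\bhttps?://[^\s,;]+", re.I),
    "email": re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b"),
    "ip_address": re.compile(
        r"\b(?:(?:25[0-5]|2[0-4]\d|1?\d?\d)\.){3}(?:25[0-5]|2[0-4]\d|1?\d?\d)\b"),
    "hostname": re.compile(
        r"\b(?:[a-z0-9-]+\.)+(?:internal|corp|local|lan)\b", re.I),
    "access_code": re.compile(
        r"\b(?:access|pass|pin)\s*code\s*[:#]?\s*\d{4,10}#?", re.I),
    "phone": re.compile(
        r"(?<![\w.])(?:\+?1[ .-]?)?\(?\d{3}\)?[ .-]\d{3}[ .-]\d{4}(?![\w.])"),
}


def redact_page(text):
    """Return (redacted_text, findings) for a message bound for a pager gateway.

    Patterns run in dict order, so a URL is replaced before the hostname
    inside it can be reported a second time.
    """
    findings = {}
    for name, rx in PATTERNS.items():
        def _replace(match, name=name):
            findings.setdefault(name, []).append(match.group(0))
            return f"[{name}]"
        text = rx.sub(_replace, text)
    return text, findings


# Constructed sample alert, not a real intercepted page.
SAMPLE = ("NAGIOS: db01.corp.internal (10.20.30.40) DOWN. "
          "Bridge (202) 555-0143 access code: 482913# "
          "details http://mon.corp.internal/a?id=7 contact jdoe@example.com")

if __name__ == "__main__":
    redacted, found = redact_page(SAMPLE)
    print(redacted)
    for category, values in found.items():
        print(f"{category}: {values}")
```

The findings dictionary can also be logged on its own to measure how much sensitive detail monitoring and messaging systems currently push to pagers.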

The data leaked via unencrypted pages can be leveraged for credible social engineering attacks. For example, pages exchanged by an organization’s employees can include basic information (e.g. names, email addresses and phone numbers) that can allow attackers to pretend that they are part of the organization.

Furthermore, by identifying frequent senders, malicious actors could ensure that the fake messages they send don’t raise any suspicion as they appear to come from an individual trusted by the victim.

The complete report, titled Leaking Beeps: A Closer Look at IT Systems That Leak Pages, is available for download in PDF format.

Related: Data Leaked by Pagers Useful for Critical Infrastructure Attacks

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
