Hackers use a $20 Dongle to Hack Messages from Unencrypted Pagers

We recently published a blog article that highlighted seven reasons healthcare should end its love affair with pagers. We should have been more inclusive in our recommendation and suggested that all industries that use pagers should give them the boot. An article that came out this week in The UK Register reiterated the problems befalling those who choose to remain loyal to pagers. The article noted how by using pagers, organizations allow amazing amounts of information to be gathered on themselves, their patients, the company and their passwords.

$20 spells the end of secure messaging

The many industries that still use pagers today such as nuclear power plants, substations, power generation plants, chemical plants, defense contractors, and other industrial environments like semiconductor and commercial manufacturers, and heating, ventilation and air conditioning (HVAC) companies are putting themselves at risk. The only thing preventing criminals from breaking into the stream of pager messages is a $20 dongle and some software defined radio know-how.

According to the UK Register article:

“communication through pagers is not secure at all. Since pager messages are typically unencrypted, attackers can view pager messages even at a distance—the only thing attackers need is a combination of some know-how on software-defined radio (SDR) and US$20 for a dongle.”

Impacts of using pagers

The impact of this level of insecure communication is eye-opening. Among the most prominent risks are:

• Hacker risk
• HIPAA violations
• Forfeiting of privacy
• Impersonating doctors or patients for nefarious needs
• Stealing identities
• Intercepting calls

Add to this chaos the inefficiency of switching between pagers and smartphones when alerts do occur and you are left wondering why industries continue to use pagers in the first place. Clearly, it is time for pager replacement.

Conclusion

The impacts of using pagers are real and dire. They are insecure devices that need to be replaced by healthcare, IT or any industry that relies on them. Failure to do so will leave companies exposed and open to hackers and worse.

For more information on the problems with pagers, read our whitepaper on Why Pagers Suck.