[ISN] Paging Network Hijacked

From: mea culpa <jericho_at_dimensional.com>
Date: Fri 24 Jul 1998 - 18:05:35 CDT
Paging Network Hijacked              
by Chris Oakes

4:00am  24.Jul.98.PDT
                                     
Someone in Texas exploited a vulnerability in the PageMart paging network
this week, sending a flurry of mysterious pages to tiny screens
nationwide, confusing subscribers, and swamping the company's customer
service center with phone calls. 

PageMart said a random discovery enabled the intruder to use a set of
pager addressing numbers to send messages to entire groups of customers,
rather than individual subscribers. But a security expert said the system
may have been hacked. 
                                     
PageMart spokeswoman Bridget Cavanaugh detailed Wednesday's incident in an
email late Thursday.  "A person, unknown to PageMart," she said,
"discovered that three PINs [personal identification numbers] on our
paging terminal in Dallas were actually mail drops." 
                                     
"Mail drops" are used by a paging service to distribute information to
many customers at once. It is unclear whether the intruder hacked into
PageMart's systems or randomly identified mail drop PIN numbers. 
                                     
"We suspect this person accidentally discovered this and began sending
random messages to our customers,"  Cavanaugh said. 
                                     
PageMart customer and San Francisco resident Jeremiah Kelly reported that
he received odd messages for about an hour and a half on Wednesday
afternoon. 

Upon receiving one incomprehensible page -- unrecognizable in source or
content -- he suspected a simple "wrong-number" message. "But then, all of
a sudden, I got a blitz," Kelly said. Most notable was a recurring
message: "There is only one blu bula." 

"I received one of those several times," he said. Another pair of messages
said "Mike, you're Mom drives a Passat," and another was sexually
suggestive. Both of the latter pages were signed "Christian." Kelly said
he received about 30 of the senseless messages. 

Most customers began receiving the messages around 3:20 p.m. PDT,
Cavanaugh said. Within 45 minutes, PageMart had targeted the PIN numbers
being exploited and disabled them. 

"The incident impacted about 1.5 percent of our customers nationwide,"
Cavanaugh said.  "Statistically, it's a small number." PageMart provides
numeric and text paging service in all 50 states, Canada, Mexico, Central
America, and the Caribbean, serving approximately 2.7 million customers. 

"It's a perfect example of how overconfidence can eventually cause a
problem," said Peter Shipley, who analyzes and bolsters system security
for accounting firm KPMG Peat Marwick. 

Though it wasn't clear that PageMart's system was actually broken into,
Shipley said poor protection against break-ins is all too common. "I'm in
the business of doing these type of security audits, and a large number of
systems I've seen have easy password access -- under the assumption of
'why would somebody want to hack it?'" 

In fact, paging services are responsible for enormously valuable data,
from billing addresses to credit card information and more, Shipley said.
Then there are the messages themselves, which can be easily netted as they
make their way through the airwaves. 

"Smaller companies believe they are not targets [for hackers],"  concluded
KPMG's Shipley. "But small companies are as equally targeted as large
companies. They're stepping stones -- the small fish that hackers start
on." 

-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
Received on Sat Jul 25 12:29:49 1998