[ISN] Paging Network Hijacked

From: mea culpa (jerichot_private)
Date: Fri Jul 24 1998 - 16:05:35 PDT

  • Next message: mea culpa: "[ISN] No plans for 'cyberpolice' force"

    Paging Network Hijacked              
    by Chris Oakes
    4:00am  24.Jul.98.PDT
    Someone in Texas exploited a vulnerability in the PageMart paging network
    this week, sending a flurry of mysterious pages to tiny screens
    nationwide, confusing subscribers, and swamping the company's customer
    service center with phone calls. 
    PageMart said a random discovery enabled the intruder to use a set of
    pager addressing numbers to send messages to entire groups of customers,
    rather than individual subscribers. But a security expert said the system
    may have been hacked. 
    PageMart spokeswoman Bridget Cavanaugh detailed Wednesday's incident in an
    email late Thursday.  "A person, unknown to PageMart," she said,
    "discovered that three PINs [personal identification numbers] on our
    paging terminal in Dallas were actually mail drops." 
    "Mail drops" are used by a paging service to distribute information to
    many customers at once. It is unclear whether the intruder hacked into
    PageMart's systems or randomly identified mail drop PIN numbers. 
    "We suspect this person accidentally discovered this and began sending
    random messages to our customers,"  Cavanaugh said. 
    On Wednesday, PageMart customer and San Francisco resident Jeremiah Kelly
    reported that he received odd messages for a period of about an hour and a
    half on Wednesday afternoon. 
    Upon receiving one incomprehensible page -- unrecognizable in source or
    content -- he suspected a simple "wrong-number" message. "But then, all of
    a sudden, I got a blitz"  Kelly said. Most notable was a recurring
    message: "There is only one blu bula." 
    "I received one of those several times," he said. Another pair of messages
    said "Mike, you're Mom drives a Passat," and another was sexually
    suggestive. Both of the latter pages were signed "Christian." Kelly said
    he received about 30 of the senseless messages. 
    Most customers began receiving the messages around 3:20 p.m. PDT,
    Cavanaugh said. Within 45 minutes, PageMart had targeted and the PIN
    numbers being exploited and disabled them. 
    "The incident impacted about 1.5 percent of our customers nationwide,"
    Cavanaugh said.  "Statistically, it's a small number." PageMart provides
    numeric and text paging service in all 50 states, Canada, Mexico, Central
    America, and the Caribbean, serving approximately 2.7 million customers. 
    "It's a perfect example of how overconfidence can eventually cause a
    problem," said Peter Shipley, who analyzes and bolsters system security
    for accounting firm KPMG Peat Marwick. 
    Though it wasn't clear that PageMart's system was actually broken into,
    Shipley said poor protection against break-ins is all too common. "I'm in
    the business of doing these type of security audits, and a large number of
    systems I've seen have easy password access -- under the assumption of
    'why would somebody want to hack it?'" 
    In fact, paging services are responsible for enormously valuable data,
    from billing addresses to credit card information and more, Shipley said.
    Then there are the messages themselves, which can be easily netted as they
    make their way through the airwaves. 
    "Smaller companies believe they are not targets [for hackers],"  concluded
    KPMG's Shipley. "But small companies are as equally targeted as large
    companies. They're stepping stones -- the small fish that hackers start
    Subscribe: mail majordomot_private with "subscribe isn".
    Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]

    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 12:59:44 PDT