The DEFCON Warning System™

Ongoing GeoIntel and Analysis in the theater of nuclear war.  DEFCON Level assessment issued for public notification.  Established 1984.

Older U.S. emergency alert systems may not be secure, researchers find

The emergency alert systems that blare out warnings during natural disasters, terrorist incidents or manmade calamities could be hijacked into sending out false alarms.

A security company, Bastille, said Tuesday that it had found a vulnerability in San Francisco’s emergency alert system that would allow hackers to trigger the city’s sirens or even blare out malicious messages.

The Boston manufacturer, ATI Systems, said it had developed a patch that will be rolled out shortly and noted that such a hack “is not a trivially easy thing that just anyone can do.”

Balint Seeber, director of vulnerability research at Bastille, which has offices in San Francisco and Atlanta, Georgia, said he began studying vulnerabilities in the system of 130 or so public sirens and outdoor speakers scattered about San Francisco in 2016. Once he determined the radio frequencies employed, he said it would be easy to hijack the unencrypted system, even using only a $30 radio and a laptop.

A hacker could broadcast his or her own voice as a public address audible to the entire city, Seeber said.

ATI’s siren systems are installed at military bases, nuclear and petroleum plants, universities and urban centers across the country.

False alarms have caused dangerous panic, as was seen in Hawaii on Jan. 13. Human error, not hacking, caused an emergency text message warning of an incoming nuclear attack at a time of heightened tension with North Korea. It sent residents flooding into the streets, into underground shelters and clogging freeways on the islands.

A hacker did trigger all 156 emergency sirens in Dallas to sound off on April 7, 2017, waking up city residents.

An expert on the nation’s emergency alert systems, retired Rear Adm. David G. Simpson, said older parts of the nationwide network were not designed to thwart hackers.

Read more at McClatchy

Ongoing Geointel and Analysis in the theater of nuclear war.

© 2024 The DEFCON Warning System. Established 1984.

The DEFCON Warning System is a private intelligence organization which has monitored and assessed nuclear threats by national entities since 1984. It is not affiliated with any government agency and does not represent the alert status of any military branch. The public should make their own evaluations and not rely on the DEFCON Warning System for any strategic planning. At all times, citizens are urged to learn what steps to take in the event of a nuclear attack.