Emergency Alert System Flaws Could Let Attackers Transmit Fake Messages

Technology

The U.S. Department of Homeland Security (DHS) has warned of critical security vulnerabilities in Emergency Alert System (EAS) encoder/decoder devices.

If left unpatched, the issues could allow an adversary to issue fraudulent emergency alerts over TV, radio, and cable networks.

The August 1 advisory comes courtesy of DHS’ Federal Emergency Management Agency (FEMA). CYBIR security researcher Ken Pyle has been credited with discovering the shortcoming.

CyberSecurity

EAS is a U.S. national public warning system that enables state authorities to disseminate information within 10 minutes during an emergency. Such alerts can interrupt radio and television to broadcast emergency alert information.

Emergency Alert Systems

Details of the flaw have been kept under wraps to prevent active exploitation by malicious actors, although it’s expected to be publicized as a proof-of-concept at the DEF CON conference to be held in Las Vegas next week.

CyberSecurity

“In short, the vulnerability is public knowledge and will be demonstrated to a large audience in the coming weeks,” the agency said in the bulletin.

To mitigate the vulnerability, relevant participants are recommended to update the EAS devices to the latest software versions, secure them with a firewall, and monitor and audit review logs for signs of unauthorized access.

Products You May Like

Articles You May Like

Blue Bloods Season 14 Episode 15 Review: Ridiculous Rules, Jamie and Eddie On Opposite Sides, And Other Things That Make The Cancellation Heartbreaking
X-Men Will Be ”Important” to MCU, Says Kevin Feige (But Not for a While)
Elon Musk, Vivek Ramaswamy to Lead Trump’s ‘Dept. of Gov. Efficiency’
Barnes and Noble has Announced its 2024 Book of the Year
Musk endorses Trump intervening on Federal Reserve after election win