Serious bug in US Emergency Alert System could be abused to create mass panic
The US EAS could be abused to send fake emergency messages
When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.
A bug in the US Emergency Alert System (EAS), a tool used to deliver urgent alerts to the general public, could be abused by threat actors to send out fake alerts, possibly creating mass panic.
The Department of Homeland Security (DHS) recently confirmed these findings in an advisory and urged organizations using EAS to tighten up on their security measures, in order to prevent any abuse.
As reported byThe Register, the flaw was discovered by cybersecurity researcher Ken Pyle, who also managed to successfully exploit it. Apparently, a proof-of-concept is in the works and should be presented to the general public soon.
Tightening up security
In order to keep theirendpointssecure, the DHS says, businesses need to update both their hardware and their software to the latest versions, applysecurity patcheswherever possible, and set up afirewallas extra means of defense. Furthermore, they need to monitor their systems, and regularly review audit logs, to make sure no unauthorized access occurs.
While the DHS did not go into details about the flaw,The Registerfound reports of holes being found in the Monroe Electronics R189 One-Net DASDEC EAS device.
UK government building mobile emergency alert system>How to use SOS emergency features on iPhone, Android phones or smartwatches>Here are the best antiviruses right now
EAS is a tool used by the US government to send out urgent messages to its citizens. During an emergency, the US President and other high-level state officials can use the system to address the American people in less than 10 minutes, through TV broadcasters, cable TV, wireless cable systems, satellite and wireline operators.
The system is run by the Federal Emergency Management Agency (FEMA), Federal Communications Commission (FCC), and National Oceanic and Atmospheric Administration.
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
ViaThe Register
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.
A new form of macOS malware is being used by devious North Korean hackers
Scammers are using fake copyright infringement claims to hack businesses
How to turn off Meta AI
