A serious bug in the emergency alert system of the US could be abused and thus used in creating mass panic in general.
A Serious Bug in the Emergency Alert System of the US Could Be Abused
Reports coming in now claim that the United States emergency alert system could be used in sending fake emergency messages. A bug has been reported to be in the US emergency Alert System. The US EAS is a tool that is used in delivering urgent alerts and messages to the general public. And now this tool could be abused by threat actors in sending fake alerts which could ultimately create mass panic.
In an advisory, the department of homeland security confirmed the findings and therefore urged organizations making use of EAS in tightening their security measures in a bid to prevent any abuse in the event that one arises.
The Flaw Originally Was Discovered By Ken Pyle
And as reported by The Register, the flaw originally was discovered by Ken Pyle, a cybersecurity researcher who also managed to exploit it successfully. a proof-of-concept apparently is in the works and in no time should be presented to the general public.
In a bid to keep their endpoints safe, the DHS says that businesses will need to update their hardware and software to the latest and recent versions, apply security patches in places needed, and then set up a firewall as an extra means of security. Additionally, they will also need to monitor their systems and review their audit logs often just to make sure that there is no unauthorized access to their systems.
And while the DHS did not give much in regards to the flaw, The Register however found reports of holes being found in the Monroe Electronics R189 One-Net DASDEC EAS device.
The EAS Is a Tool That Is Used By the United States Government
As mentioned already in this post, the EAS is a tool that is made used by the United States government in sending out urgent messages to its citizens and the public. The president of the US and other high-level staff officials during an emergency can use the tool and system in addressing the American people in a little less than 10 minutes via TV broadcasters, wireless cable systems, cable TV, wireline, and satellite operators.
The system currently is run by the federal emergency management agency (FEMA), the national oceanic and atmospheric administration, and the federal communications commission (FCC).