The U.S. government's newly acquired system for sending unblockable messages from the President to U.S. citizens during an emergency can be hacked using off-the-shelf hardware and open-source software, a study revealed.
According to a study published this week by researchers from the University of Colorado Boulder, hackers can exploit vulnerabilities in the LTE network to send bogus presidential alerts to Americans across an entire 50,000-seat football stadium with little effort, inciting panic and chaos among those who receive the fake message.
In the study, 90% of the researchers' tests succeeded in sending bogus presidential alerts to their targets using only a commercially available software-defined radio and their modifications to the open-source NextEPC and srsLTE software libraries. They also concluded that their spoofing technique could succeed on all tested smartphones on the top four cellular carriers in the U.S.
“We find that with only four malicious portable base stations of a single Watt of transmit power each, almost all of a 50,000-seat stadium can be attacked with a 90% success rate,” reads the study’s abstract.
The vulnerability can cause “cascades of panic”
The researchers also said that the effect of a bogus presidential alert depends on the number of cellphones within range of the fake alert. This means that the more populated the area is, the more significant the impact of the fake messages and the more extensive the panic that ensues.
“Fake alerts in crowded cities or stadiums could potentially result in cascades of panic,” they added.
Last year the Federal Emergency Management Agency sent out the first “presidential alert” test using the Wireless Emergency Alert (WEA) system as part of the mandate of the Warning, Alert, and Response Act of 2006. It was part of the initiative to test the newly acquired state-of-the-art technology that would allow any president to send messages to Americans in bulk in times of disasters and other emergencies. It runs on the same technology that powers Amber alerts and the system that sends severe weather warnings.
But the system isn’t perfect. There are documented cases where a wrong message was sent to people during the test. Last year amid tensions between the U.S. and North Korea, an erroneous alert warned residents of Hawaii of an inbound ballistic missile threat. The message mistakenly said the alert was “not a drill.”
Problems with the current system and how to solve them
While the system is already acknowledged to be vulnerable to human error, the researchers have shown that malicious attacks can also be a problem, as hackers can exploit vulnerabilities in the LTE network to carry out a massive scare-terrorism attack.
Another problem pointed out by the researchers is the absence of a mechanism that validates the authenticity of the messages people receive. The researchers said fixing the vulnerabilities would “require a large collaborative effort between carriers, government stakeholders, and cell phone manufacturers.” They added that attaching digital signatures to each broadcast alert is not a “magic solution” but would make it far more challenging to send spoofed messages.
Meanwhile, the researchers admit that such a multi-sector effort still faces challenges. For starters, updates to the CMAS architecture could require expensive changes by cell phone manufacturers, operating system developers, government bodies, and cellular carriers.
“Furthermore, updates must still support outdated devices, both on the user (UE) and infrastructure (eNodeB) side, as it could take years to replace or update old equipment already in use. Also, any comprehensive defense must tradeoff the protections provided with the availability of the system: if users cannot receive valid alerts due to complex protections, it may be more hazardous than if we continued to use the existing (but vulnerable) system,” they added.
To overcome these challenges, the researchers are proposing two solutions: (1) digitally signing messages so that recipients can authenticate the warnings they receive; and (2) establishing a network profiling technique that can be implemented solely on the UE without modifications to the network.
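The first proposal, sketched in Go as an added example that is not code from the study or from this article: the handset checks a signature and an expiry before showing an alert, and a `strict` flag shows the availability trade-off for senders that cannot sign yet. The use of Ed25519, the `Alert` layout, the signed encoding, the pinned key and every name here are assumptions; all sample values are constructed.

```go
package main

import (
	"crypto/ed25519"
	"fmt"
)

// Alert is a constructed stand-in, not the CMAS/WEA wire format (assumption).
type Alert struct {
	Text    string
	Expires int64  // Unix seconds, signed together with Text to limit replay
	Sig     []byte // empty when the sender cannot sign yet (legacy equipment)
}

// signedBytes covers expiry and text so neither can be swapped (assumed encoding).
func signedBytes(a Alert) []byte {
	return []byte(fmt.Sprintf("%d|%s", a.Expires, a.Text))
}

// Sign is the originator's side, using the alerting authority's private key.
func Sign(priv ed25519.PrivateKey, text string, expires int64) Alert {
	a := Alert{Text: text, Expires: expires}
	a.Sig = ed25519.Sign(priv, signedBytes(a))
	return a
}

// Check is the handset (UE) side, against a public key pinned on the device.
// strict=false still shows unsigned alerts, flagged, which leaves a downgrade path.
func Check(pub ed25519.PublicKey, a Alert, now int64, strict bool) string {
	if len(a.Sig) == 0 && !strict {
		return "unverified"
	}
	if len(a.Sig) == 0 || now > a.Expires || !ed25519.Verify(pub, signedBytes(a), a.Sig) {
		return "rejected"
	}
	return "verified"
}

// Demo: valid, altered text, replay after expiry, unsigned (strict, then lenient).
func Demo() []string {
	pub, priv, _ := ed25519.GenerateKey(nil)
	t := int64(1700000000) // constructed clock value
	ok := Sign(priv, "constructed test alert", t+600)
	forged := Alert{"constructed altered text", ok.Expires, ok.Sig}
	bare := Alert{Text: "constructed unsigned alert", Expires: t + 600}
	return []string{Check(pub, ok, t, true), Check(pub, forged, t, true),
		Check(pub, ok, t+3600, true), Check(pub, bare, t, true), Check(pub, bare, t, false)}
}

func main() { fmt.Println(Demo()) }
```

With `strict` off, an unsigned alert is still displayed, so signatures only stop spoofing once handsets can refuse unsigned alerts outright.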