Back in 2018, a bogus emergency broadcast was sent to the cellphones of Hawaiian residents, alerting them to a phony nuclear missile strike and causing mass panic. While this notification was the result of a clerical error, the mistake prompted researchers at the University of Colorado-Boulder to take a deeper look into just how vulnerable the emergency alert system really is. And what they found was quite unsettling. As Vice News reports, weaponizing emergency broadcasts in the United States can be accomplished with surprising ease.
As Vice reports, the researchers showcased their findings at the the 2019 International Conference on Mobile Systems, Applications and Services (MobiSys) in Seoul, South Korea. There, the team displayed just how easy it was for them to manipulate the Wireless Emergency Alert (WEA) system and fool cellphone users.
The Boulder team began their research by building their own "pirate" cell tower out of easy-to-find hardware and open-source software. Isolated RF shield boxes were also used to prevent any real-world harm before beginning their experiments at Folsom Field -- the university's football stadium, which seats 50,000 people.
Vice reports the team was able to successfully transmit fraudulent messages onto cellphone users 90 percent of the time.
As Vice explains further:
The transmission of these messages from the government to the cellular tower is secure. It’s the transmission from the cellular tower to the end user that’s open to manipulation and interference, the researchers found. The vulnerability potentially impacts not just US LTE networks, but LTE networks from Europe to South Korea.
Not only that, but the researchers say leading such an attack isn't even expensive: Building the "pirate" cell cost the team about $1000. They were able to use readily available resources to create the cell, which is no larger than a standard WiFi router.
Eric Wustrow, study co-author and an assistant professor in Electrical, Computer and Energy Engineering, says that a malicious actor would need to be relatively close to their targets. While this could potentially cause them to be caught, there's a good chance they'd go unnoticed until it was too late.
As Vice explains, the WEA system is currently managed by FEMA and the FCC, and is used to send AMBER alerts, severe weather warnings and Presidential alerts. These alerts are broadcasted over specific LTE channels to ramp up reception in targeted geographic areas. But while transmission from government to cell tower is secure, the transmission from cell tower to cell phone users is not.
The potential for the WEA system to be weaponized and used to cause mass chaos and panic is huge, but Wustrow and the rest of the team have several ideas as to how government can mitigate these risks.
As Vice reports, Wustrow says that "for a more practical immediate solution, cell phones should only display alerts if they are connected to a trusted cellular network." This alone could have prevented the simulated attack Wustrow and his team launched in their study. Public key cryptography is another option, though private keys could make launching some alerts (like AMBER alerts) more complicated.
"Ultimately we hope cell carriers, manufacturers, and government entities work together to find a more robust solution,” Wustrow says.
This research also underscores the importance of emergency preparedness. When disaster strikes, most people don't know what to do, and chaos ensues. Having a plan laid out for emergency situations can also help save you time and stress in the long-run. Learn more about what to do in an emergency at Preparedness.news.
Sources for this article include: