Over the past period, many governments have emphasized the risks posed by cyberattacks against critical infrastructure.
In most cases, when we hear about critical infrastructure attacks, we think about things such as power and communication outages, but the risks posed by vulnerable Emergency Alert Systems (EASs) are just as dangerous.
Experts from security firm Trend Micro believe the time has come for people to realize and understand the risks posed by the vulnerabilities recently identified by researchers in AES.
In the last months, we heard about numerous cases in which road signs were hacked, but last week, an even more serious incident came to light.
Most people viewed the zombie warnings issued by a Montana TV station as an elaborate prank, but researchers have noted that EASs can be easily compromised because most of them are vulnerable to cyberattacks.
Trend Micro Threat Communications Manager Christopher Budd explains that there’s a real danger and that this issue shouldn’t be taken lightly since alert systems can be used for much more than fake zombie warnings.
“The Emergency Alert System is designed to be a highly trusted channel. It is truly a piece of critical public safety communications infrastructure in that regard. That means that a compromise of it with malicious intent can lead to truly dangerous consequences,” said Budd.
“A plausible set of instructions that a catastrophic event has happened and urging mass evacuations can lead to deaths in the stampede. Instructions that local public safety officials have been compromised and cannot be trusted can impair the ability to restore order by undermining those officials authority.”
The expert warns that, next time, we might not see fake zombie warnings, which might immediately be seen as a joke by most people, but instead, get more realistic alerts such as civil uprisings or natural disasters.