https://www.nextgov.com/cybersecurity/2019/06/researchers-show-how-send-fake-presidential-alerts-your-phone/157964/
By Patrick Tucker Technology Editor Defense One June 24, 2019 Recall last year when Hawaii’s cellphone users received a terrifying—but incorrect—warning about an incoming missile attack? New research shows that hackers could easily hijack the nation’s emergency alert system in order to, say, send a fake message that appears to come from the President of the United States. The June 17 paper by scholars at the University of Colorado Boulder looks at the Wireless Alert System, a federally run arrangement that can send three types of emergency warnings to cell phones: Presidential Alerts, Amber Alerts about missing children, and Imminent Threat Alerts, e.g., dangerous weather, inbound missiles, etc. How many people could be affected? By their calculations, with just four fake cell towers you could hit 49,300 people seated together—say, in a stadium—with 90 percent success. Here’s how Presidential Alerts, first tested in October 2018, work. During a national emergency, FEMA officials send an alert message to phone companies that provide mobile service. Each phone company sends the message to a more local node called a customer broadcast center. That center then geo-targets cell towers to push the alert to connected cell phones. [...]
-- Subscribe to InfoSec News https://www.infosecnews.org/subscribe-to-infosec-news/ https://twitter.com/infosecnews_
