Zombie broadcast hoax only the tip of the security iceberg

Summary:We may like the idea of smart meters and grids, but what's the point if we can't even protect the emergency broadcast system?

We may like the idea of smart meters and grids, but what's the point if we can't even protect the emergency broadcast system?

The recent hacking of America's Emergency Alert System (EAS), which warned citizens in Montana that "the bodies of the dead are rising from their graves and attacking the living" raised confusion as well as hilarity, but if hackers can so easily get into an emergency system designed to protect citizens, who knows what would happen if a smart grid system was taken down -- something that so many core services rely upon.

Was it down to sophisticated cracking software or the back-breaking work of criminals? No. According to Reuters, it was the far too-common reason so many systems are often compromised -- simple, human stupidity.

Like waving a red flag to a bull, system administrators across the U.S. left a number of passwords for the EAS software simply set to default. Unsurprising when you consider how many people insist on using passwords that are the hacker's delight , including 'qwerty', 'password', and '12346'.

Mike Davis, a security expert at IOActive Labs, told the publication that by using Google's search engine, he was able to find at least 30 additional alert systems that are vulnerable to attack. The zombie hoax may have only been a prank present on one station, but as Davis noted, the message could have been delivered to a lot more systems, and had the potential to breed chaos rather than humor.

The vulnerabilities in EAS systems have been forwarded to the Department of Homeland Security's U.S. Computer Emergency Readiness Team, US-CERT, but here's an idea: how about we start with the basics, and force lazy administrators to change the passwords regularly when it comes to such sensitive systems?

Failing that, perhaps the guys behind the EAS should take Google's password ring for a spin.

Image credit: Daniel Hollister

Related:

This post was originally published on Smartplanet.com

Topics: Innovation

About

Charlie Osborne, a medical anthropologist who studied at the University of Kent, UK, is a journalist, freelance photographer and former teacher. She has spent years travelling and working across Europe and the Middle East as a teacher, and has been involved in the running of businesses ranging from media and events to B2B sales. Charli... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.