U.S. Emergency Alert System open to more 'zombie' hackers after accidental SSH key disclosure

Summary: "Civil authorities in your area have reported that the bodies of the dead are rising from their graves," said one recently hacked emergency broadcast.

It's fair to say that should you see one of these warnings on your television as you're drinking your wake-up coffee, you're probably not going to have the best of days. Still, when you're told that the "bodies of the dead are rising from their graves and attacking the living," you might meet such reports with some skepticism, despite the official standing of such interruptions.

That's exactly what happened in Montana in February, when hackers broke into the U.S. Emergency Alert System (EAS), which interrupts television and radio broadcasts in times of local and national warnings. The default password wasn't changed, allowing the hackers to walk into the Internet-connected appliance.

But a new security advisory warns that the EAS is wide open to remote attacks by hackers, who can broadcast fake reports and materials.

The "critical" rating from IOActive [PDF] warns that DASDEC-I and DASDEC-II application servers, made by Digital Alert Systems, are left wide open to attackers, following a recent firmware update that also disseminated the secure-shell (SSH) key.

The key allows anyone with limited knowledge to log in at the root level of the server and "manipulate any system function," including browsing key directories and accessing its peering arrangement.

From the advisory, an attacker who gains control of one or more DASDEC systems "can disrupt these stations' ability to transmit and could disseminate false emergency information over a large geographic area," which in some cases could be "forwarded to and mirrored" by other systems, spreading false information over a wider area.

The key is now in the public domain, and "cannot be easily removed except by a root privileged user on the server." The security advisory warns the maker of these appliances to "re-evaluate their firmware and push updates to all appliances."

Other advisories were published, including one by the U.S. CERT team, which notes that firmware version 2.0-2 resolves this vulnerability.
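
As an added example (not from the advisory or the vendor), one way an administrator could check whether a publicly disclosed key is still authorized for root login is to fingerprint every entry in an `authorized_keys` file and compare it against a denylist. The key blobs, comments and denylist below are constructed placeholders; the real fingerprint would have to come from the vendor's advisory.

```python
import base64
import hashlib

KEY_TYPES = {"ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-nistp256",
             "ecdsa-sha2-nistp384", "ecdsa-sha2-nistp521"}

def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64, validate=True)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def parse_keys(text):
    """Yield (line_no, blob, comment) for each key line in authorized_keys."""
    for no, line in enumerate(text.splitlines(), 1):
        tokens = line.split()
        if not tokens or tokens[0].startswith("#"):
            continue
        # Options (from=, command=, ...) may precede the key type,
        # so scan for the first token that names a key type.
        for i, tok in enumerate(tokens[:-1]):
            if tok in KEY_TYPES:
                yield no, tokens[i + 1], " ".join(tokens[i + 2:])
                break

def audit(text, denylist):
    """Return (line_no, fingerprint, comment) for denylisted or bad keys."""
    findings = []
    for no, blob, comment in parse_keys(text):
        try:
            fp = fingerprint(blob)
        except ValueError:  # malformed base64: flag it for manual review
            findings.append((no, "UNPARSEABLE", comment))
            continue
        if fp in denylist:
            findings.append((no, fp, comment))
    return findings

def _blob(seed):
    # Constructed stand-in for a key blob; not a real or usable key.
    return base64.b64encode(b"\x00\x00\x00\x07ssh-rsa" + seed).decode()

ADMIN_BLOB = _blob(b"constructed-admin-key")
SHIPPED_BLOB = _blob(b"constructed-shipped-key")
SAMPLE = f"""# constructed sample
ssh-rsa {ADMIN_BLOB} admin@station
from="10.0.0.0/8",no-pty ssh-rsa {SHIPPED_BLOB} vendor-support
"""
# Placeholder denylist; use the fingerprint published in the vendor advisory.
DENYLIST = {fingerprint(SHIPPED_BLOB)}
```

Calling `audit(SAMPLE, DENYLIST)` reports only the entry whose fingerprint is on the denylist, along with its line number, so the entry can be removed by a root user.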

Talkback

  • doubts

    what i really want to know is that will there be hackers that hack PC just out of fun or something? well i don't have secret documents on my computer but i don't want somebody to peep into it either... every time i will check all updates of my antivirus and i change them often as well, like Kaspersky, Panda, Avira, Norton, etc and i can find out all from www.(softdownfast).com
    maybe i'm overreacting but i don't know.... maybe
    Michael.J
  • EAS

    If the authorities are so foolish with THIS system, we certainly should NOT allow the government to control all communication systems in times of disaster!! How can we trust the information being given when the system could be so easily hacked!
    donbarker52
  • While we're at it...

    Why don't we turn our health care system over to these folks as well? Obviously nothing will go wrong and we'll all be happier for it.....
    Skibum
  • EAS:~# rm -rf /* && exit

    Have fun! :)

    Note that I don't condemn hacking. Just imagine what happens when it comes to root privileges? Expect the unexpected. Even a hacker would delete the entire file system by surprise. :)
    Grayson Peddie
  • ZERO Tolerance

    The only way to stop this hacking is to deal with it like a terrorist attack and put serious resources into finding and prosecuting these criminals and publicizing the heck out of it on all the Media channels. The penalties should be very stiff, not a slap on the hand. If it is from another country it should be considered an act of war and if the country it is happening in doesn't deal with it then we will. If the hacking caused any injury or death it should be considered Murder and the same penalty would apply. They've let this go for too long because they don't do anything about it. Same thing with Identity Theft. There should be stiffer penalties and all cases should be pursued to get a conviction. In most cases the Authorities don't even investigate. Let the Banks and people take the financial hit. It's like a cancer, you need to attack it aggressively before it metastasizes.
    jofu
    • Zero Tolerance

      As long as we rely on public facing computer systems there will be individuals that will try to exploit known vulnerabilities. Resorting to hyperbole is not likely to fix this problem.

      Let's look at the "Zombie" incident listed above. Was it a credible act of terrorism? Was there really a chance that the average viewer would take the alert seriously?

      It is far more likely that this was the work of some high school kids. That said, there should be serious repercussions. Perhaps a fine, or community service.

      The trouble with a Zero Tolerance policy is that it is difficult to address all possible scenarios. In the current example it is possible that you may want to deal with different classes of perpetrators in different ways. For example, most reasonable people would not treat a high school kid the same way you would treat a member of Al-Qaeda or Chinese intelligence officer.

      There is also the issue of harm. Real harm not the Nth degree, sum of all fears possible harm could have resulted. I mean the real harm, as evidenced in this particular incident. Which in this case wasn't really harm but rather nuisance.

      If after all this you still feel that charges are required, then the charge should be simple trespassing and disturbing the peace.
      Dwayne Radican
    • @jofu and terrorists

      Oh please, put your shiny big black boots back in the closet.
      Falcon Flight
    • ouch...

      so... as the guy who found this bug.. this is the kind of overreaction i fear most.. if this kind of zero tolerance policy had been in place i never would have reported the issue.. whatever happened to proportionality?
      Some Tolerance Please
  • After Corporate Takeover ...

    of all internet connections, social networks, news media, etc. it might turn out that the ONLY way to get a non-establishment message out would be to hack into establishment networks. The theory of the First Amendment does not work so well when one side can put its message on all the mass media while the other side is restricted to word of mouth without access to any electronic media. I would love to see someone hack into Faux News and add a "truth crawl" along the bottom explaining what their talking heads REALLY mean (as Colbert does on his show when he does that "The Word" segment).

    If you want to protect your vote from the new wave of James Crow, Esq. laws being passed in Texas and elsewhere, go to www.whitehouse.gov, get a signon if you do not already have one, and sign the petition "Resume Enforcing the Voting Rights Act Section 5 Immediately." The petition explains what I believe is a valid loophole in the recent decision striking part of the VRA, and urges the President to exploit that loophole.

    https://petitions.whitehouse.gov/petition/resume-enforcing-voting-rights-act-section-5-immediately/Ckj7Q0rW
    jallan32
    • More DemPerv Satanic

      Did you also sign the White Hut petition to repeal the Bill of Rights?
      Falcon Flight
  • Another Hacker Tutorial

    Why even discuss these issues when all ZDNet is doing is alerting the 'hacker world' of an exploit.....if they don't already know about it yet!
    electric800