October of last year, Federal Emergency Management Agency sent out the nation’s first “presidential alert” using the Wireless Emergency Alert (WEA). This system would allow any president of the United States to send out nationwide alerts in the event of a disaster or emergency.
The same system is also being used to send out AMBER and weather alerts to your phones. Unfortunately though, an exploit on security LTE vulnerabilities make it easier to send out spoofed presidential alerts to mobile phones.
“Spoofed” presidential alerts can easily be sent out because of LTE vulnerabilities
In an effort to test out the new state-of-the-art system, residents in the U.S. received its first presidential alert last year. This system allows the current president to send out alerts in an event of an emergency.
However, at least according to a study conducted by the University of Colorado Boulder, the system is not perfect. Amidst the tensions between the U.S. and North Korea last year, an erroneous alert has been sent out to residents in Hawaii of an inbound ballistic missile threat.
Then, according to the study, the system is not as nearly as secure as it should be. Using a readily available, off-the-shelf equipment and an open-source software, a working team from the university was able to send out a spoofed presidential alert.
Every single phone in a stadium consisting of 50,000 seats were able to get the alert. The spoofed alert was successfully sent out nine out of ten times that it was attempted. Imagine the cascades of panic from people in a real life situation.
“LTE network used is the biggest weak spot”, says researchers
It is true that there isn’t a perfect system, but many of the issues over the years has been a result of human error. But according to the researchers, the biggest weak spot would have to be the LTE network that is used to transmit the message.
Instead of a traditional text message, the system uses LTE, to which each tower blasts out alerts on a specific channel to all devices in range. In that case, a false alert can be sent out to devices that is close in range. And if that isn’t bad enough, there is also no way to verify if an alert is authentic or not.
When it comes to fixing out the vulnerabilities, this is what the research team from the University of Colorado Boulder has to say:
The true impact of such an attack would of course depend on the density of cell phones in range; fake alerts in crowded cities or stadiums could potentially result in cascades of panic. Fixing this problem will require a large collaborative effort between carriers, government stakeholders, and cell phone manufacturers.
Furthermore, adding a digital signature would make it a little harder to fake out messages but it is not entirely the “magic solution”.
Finally, a similar LTE vulnerability was discovered last year, which allowed researchers to not only send out fake alerts but also eavesdrop on the user’s text messages, as well as tracking their location.