Security researchers warn that many emergency alert system devices used by radio and TV stations are susceptible to cyberattacks, which could cause widespread panic.
Hackers broke into several television stations' Emergency Alert Systems this week and broadcast that zombies were "rising from their graves" and "attacking the living."
While a comical hoax, security consultancy firm IOActive warns that this type of behavior is dangerous and not that hard for hackers to do, according to Computerworld. This week it's zombies, but next time it could be something that might make people really panic, such as an anthrax or terrorist attack.
IOActive says that devices used by TV and radio stations to air emergency alerts have critical vulnerabilities that make them susceptible to cyberattacks. If these devices are breached, hackers could feasibly broadcast anything they like to millions of viewers and listeners.
"We found some devices directly connected to the Internet and we think that it's possible that hackers are currently exploiting some of these vulnerabilities or some other flaws," chief technology officer of IOActive Cesar Cerrudo told Computerworld.
Cerrudo says that at least two types of Emergency Alert System devices are especially vulnerable to attacks. "We contacted CERT [U.S. Computer Emergency Readiness Team] almost a month ago and CERT is coordinating with the vendor to get the issues fixed," he said.
The hacker that got into the television stations' systems for the zombie hoax reportedly used a "back door" attack.
"It has been determined that a 'back door' attack allowed the hacker to access the security of the EAS equipment," station manager for ABC 10, one of the stations affected, Cynthia Thompson wrote in a blog post. "The nature of the message Monday night was not necessarily dangerous, but the fact that the system was vulnerable to outside intrusion is a danger."
