Security consultancy firm IOActive has warned that emergency alert system devices utilized by radio and TV stations can easily be hacked in an effort to cause widespread panic.
Hackers had recently hacked into a number of television stations' Emergency Alert Systems to broadcast that zombies were "rising from their graves" and "attacking the living." However, while that was a comical hoax, IOActive warned that hackers can divulge such messages with ease, and it may be a more serious message next time, such as a terrorist attack.
"We found some devices directly connected to the Internet and we think that it's possible that hackers are currently exploiting some of these vulnerabilities or some other flaws," chief technology officer of IOActive Cesar Cerrudo told Computerworld.
Cerrudo stated that at least two types of Emergency Alert System devices are predominately vulnerable to attacks. "We contacted CERT [U.S. Computer Emergency Readiness Team] almost a month ago and CERT is coordinating with the vendor to get the issues fixed," he said.
The hacker that bypassed the television stations' systems security for the zombie hoax is said to have utilized a "back door" attack.
"It has been determined that a 'back door' attack allowed the hacker to access the security of the EAS equipment," said Cynthia Thompson, station manager for ABC 10, which was one of the stations affected. "The nature of the message Monday night was not necessarily dangerous, but the fact that the system was vulnerable to outside intrusion is a danger."