Wednesday, February 13, 2013

Thoughts on the EAS hack

Those who know me well, know I take a keen interest in radio systems and public warning systems.  When FEMA instigated the EAS (Emergency Alert System) test on 9th November 2011, this brought to conclusion a period of frantic programming for me, as I'd been part of a team re-writing the Emergency Operations Centre (EOC) that handled the EAS test for a well know national broadcaster in the US.

When I first heard that an "EAS hack" had occurred in Montana leading to a "dead bodies rising" transmission, I thought it was probably just a marketing stunt for something zombie related.  Over the past few days, it has become apparent that this isn't the case.

This has a big implication:  The way the message was transmitted is you have a starting point, let's call him "P" (the President), and P says "I have a message, send it nationwide". P transmits to FEMA and they send to other people down the chain, and the message eventually hits the broadcasters.  In the case of radio, this runs like this:

You have a transmitter that sends out the station signal, and you have an EAS hardware box that listens to other nearby stations.  When the box sees a message, it has instructions to relay this on the transmitter so that other stations can pick this up.  These are the "P1" stations, or "Local Primary", which usually means the big broadcasters.  Smaller independent stations ("P2" or "Local Secondary") are listening to the P1's.  Whilst the P1's have the capability to broadcast the emergency to the public, often these P2's are just a transmitter in a field with no human's, so they broadcast a message that says "please tune to [insert P1 here]".  Eventually, an "End of transmission" message trickles down the same waterfall and everyone goes back to normal broadcast mode.

The implications that someone hacked at a local primary level is worrying, as you should in theory be able to do the same at the national level as there's no encryption.  This system was built a long time ago, and in theory nobody in the public domain should know how to operate or interface with it.

This needs fixing immediately.