EXECUTIVE SUMMARY:

Back in January, panic spread, briefly, from Hawaii to the mainland when someone from Hawaii’s emergency management services mistakenly sent an alert warning of an incoming ballistic missile. Some initially thought hackers might have been involved. In actuality, a worker misunderstood testing instructions from his manager and believed the threat to be real. A recent discovery by a security researcher, however, shows that some city emergency warning systems are indeed to vulnerable to hacking.

As Wired reports, anyone with a laptop and a $35 radio could hack into the emergency siren equipment created by ATI Systems–at least in three cities so far. On top of that, hackers could potentially create chaos by playing any audio, such as false warnings of incoming tsunamis or missile strikes, dangerous or mass-panic-inducing instructions. Combine that with a civic IoT cyberattack and it’s not hard to imagine the scale of chaos that could ensue.

The equipment tested by the security researcher lacked basic encryption capabilities that would prevent taking over the system. As a result, he was able to read and reproduce transmissions to the siren systems. “By bouncing that signal through a repeater near the center of each city’s network, Seeber (the researcher) believes he could have gained control over the citywide collection of sirens, each one capable of pumping out as much as 135 decibels,” writes Wired.

Get the full story at Wired.