Emergency Alert System Vulnerability

Emergency Alert System (EAS) Vulnerability

We recently became aware of certain vulnerabilities in EAS encoder/decoder devices that, if not updated to most recent software versions, could allow an actor to issue EAS alerts over the host infrastructure (TV, radio, cable network).

formatting link

************************ Moderator's Note ************************

Sometime in the 1970's there was an accidental "activation" of what used to be called the "Conelrad" system. The Pentagon said that a civilian employee at Cheyenne Mountain had accidentally put the wrong punched tape into the teletype which was connected to the UPI and AP networks, and supposedly there was widespread panic and terror.

Accept there wasn't.

The event was barely noticed, for several reasons:

  1. The radio stations that wern't part of Conelrad were supposed to go off the air, leaving only one or two transmitter operating on the "Conelrad" channels that were marked on all the AM radios. However, the technicians who were supposed to be told to turn them off never got those orders, because either

A. The station managers and supervisors refused to sacrifice the ad revenue they were getting by staying on the air, and they all figured that it was a mistake anyway, knowing that if they were wrong, it wouldn't matter..

B. The "alert" receivers which were supposed to wake up station personnel to the fact that the world was theoretically about to end hadn't been maintained, and many of them had been tuned to the wrong channels, so the "chain" of alerts which had been planned, where stations "A" would send an alert, and that would be answered by station "B," and then by "C," either didn't start at all, or petered out at the first station that didn't get the alert from their upstream link, and therefore didn't do anything at all.

  1. Conelrad had a network of specially-equipped stations, one or two per area: they had specially-built transmitter which could, in theory, switch to the "Conelrad" frequencies that all the drivers in all the cars were expected to tune to when their regular stations went off the air. The idea was that, since the plan for which stations would remain on the air was "secret," that the invading hordes of bombers couldn't use the AM stations to navigate to their targets, since only one or two stations would remain on the air, and the bomber navigators wouldn't know where the radio signals were coming from.

I later heard, from the "old hands" at radio stations where I worked, that the switching mechanisms either failed for lack of maintenance, or couldn't be used because nobody had accounted for the changes in the stations' antenna arrays which had to be made in order to allow the transmitters to switch channels with only DJ's or supervisors on hand to make the needed adjustments. I'll spare you the details, but the antennas were a much bigger problem than anyone had expected.

The post-event fault-finding went up and down the chain of command, with everyone from SAC to the Congress to the White House saying we had to get a new, more reliable system.

Accept, we didn't.

The alerting system required all radio stations to have an alerting receiver turned on and able to respond to the "alert" tone, and thus cause the reactions that the Conelrad planners had assumed would be dutifully executed by all the folks in radio-land. Both before and after the false alarm, it was a disaster of magical thinking, containing assumptions about how all the people involved would automatically do the "right thing," without questioning the source of the information or the consequences if they ignlored the alerts.

It failed of its own weightr: the uniformed automatons of WOrld War II had come home, gotten married, and had kids - they or their children weren't able to imagine such a great catastrophe as a nuclear war, and they mostly chose to ignore those few alerts which survived the multiple points of failure that the designers hadn't counted on.

The Conelrad system is still mentioned in business school courses about disaster preparedness. It's in the sections on how NOT to do it.

Bill Horne

Reply to
Monty Solomon
Loading thread data ...

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.