The Emergency Alerting Systems (EAS), which was deployed to broadcast public safety warnings, has been proved to be vulnerable to hackers, according to researchers.
Researchers have revealed that vulnerabilities can allow hackers to take control over EAS and generate fake messages to the public.
Security firm IOActive reported that one TV network's output was broken up by news of a 'zombie apocalypse' in the US.
IOActive principal research scientist, Mike Davis, reported that the vulnerabilities were discovered in the application servers of two digital alerting systems called DASDEC-I and DASDEC-II, which are responsible for receiving and validating emergency alert messages.
"These DASDEC application servers are currently shipped with their root privileged SSH key as part of the firmware update package," Davis said.
"This key allows an attacker to remotely log on in over the Internet and can manipulate any system function."
The vulnerabilities comprised a private root SSH key being distributed in openly accessible firmware images, which would enable hacker with SSH access to a device to log in with freedom of rooting and generate false alerts or immobilise the system.
Originally, the flaws in the system, which was launched in 1997, were exposed by hackers by replacing an older set-up.
Windward offers advanced data software solutions for business intelligence, enterprise reporting, document generation, mail merge and Web-based...
M86 Security is a global provider of web and e-mail security products. We are the only security company able to provide integrated, reliable and...
Mimecast is a rapidly expanding Software as a Service (SAAS) company. We provide an online technology platform that radically improves the way...
ClickSoftware is engaged in service and workforce management software solutions and products.