[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Re: [emergency] IFSC was: RE: [emergency-msg] Any word from Jamie? Notes.
Don't know if you folks saw this bit of news/analysis but it was in today's Homeland Security Monitor from Intellibridge - R FCC Launches Review of Emergency Alert System The U.S. Emergency Alert System (EAS) that allows officials to interrupt radio and television broadcasts to provide emergency information is vulnerable to cyber attacks, federal officials announced. "Security and encryption were not the primary design criteria when EAS was developed and initially implemented," the Federal Communications Commission (FCC) wrote in a public notice launching a review of the system on 12 August. Established in 1997 to replace the Cold War-era Emergency Broadcast System, the EAS was built without basic authentication mechanisms and is activated locally by unencrypted low-speed modem transmissions over public airwaves. According to SecurityFocus reports, the system weaknesses leave EAS open to malicious interference such as denial-of-service attacks or the promulgation of false regional alerts. Under FCC regulations, unattended stations must automatically interrupt their broadcasts to forward alerts, making it possible for false information to be forwarded without review. The FCC acknowledged the system "could be exploited during times of heightened public anxiety and uncertainty" to distribute false information to the public and that "EAS signals could be subject to jamming." Among the questions the FCC will address is how to protect broadcasters from liability if they inadvertently rebroadcast a false EAS message; who is responsible for system security; how can the authenticity of EAS messages be verified; and "what security standards, if any, should be implemented?" According to FCC Commissioner Jonathan Adelstein, "The Commission must now buckle down and do what it is we are asking state and local officials to do -- assess vulnerabilities, create a plan for better service, and review and update that plan as communications technologies evolve." ANALYSIS: The FCC review follows a detailed report on the EAS produced by the nonprofit Partnership for Public Warning (PPW) in February 2004, which noted EAS security as "very much an issue." Acknowledging the system's weaknesses, FCC officials noted that "the complete EAS protocol is a matter of public record." Although there are no reported cases of vulnerabilities being exploited, experts are concerned that the system's lack of security might make it attractive as a disinformation tool to be used in conjunction with a physical attack. Although many experts believe EAS would be a critical government information system in the event of a chemical or biological attack, the system is increasingly under fire by critics who assert that its mission and reliance on analog broadcast media are obsolete in an era of instant 24-hour news coverage. Peter Ward, chairman of PPW, advocates replacing EAS with an all-digital network tied to cell phones, pagers, digital televisions, and other devices. Others such as Mark Manuelian, engineering manager at WBZ Radio in Boston, disagree. Arguing that EAS is vital to reach the "mom and pop radio station literally running their own business with a transmitter in the back field," Manuelian commented, "These things stand alone in little radio stations that have no Internet access... That's something we don't think of where we are in big cities." Although the system has never been used for a national emergency, state and local officials have found it valuable for warning the public of regional crises such as tornados, floods, or hurricanes and use it frequently in conjunction with the "Amber Alerts" program for abducted children.
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]