A security researcher has found a way to control the emergency alert system sirens in San Francisco with only a $30 handheld radio and a laptop.
On Tuesday, Balint Seeber from IT security provider Bastille Networks demonstrated the theoretical hack in a YouTube clip, and warned that other emergency alert systems are susceptible, too.
“A malicious actor could do the same thing and trigger false alarms,” he warned in a separate video.
The hack applies to siren models from ATI Systems, which are controlled over a radio frequency. The problem is the lack of encryption; the data packets sent over the radio frequency to the sirens are completely exposed.
Seeber, who lives in San Francisco, noticed he could analyze the radio transmissions each week and study how the data packets triggered the sirens to sound. In his demo, Seeber directed a siren to play an audio clip of his voice, along with the Rick Astley song “Never Gonna Give You Up.”
Seeber’s test was amusing, but the trouble is, any bad actor with some technical knowledge could conceivably exploit the vulnerability too.
Bastille Networks notified ATI Systems and the city of San Francisco about the vulnerability in January. On Tuesday, ATI Systems said that Seeber’s hack is likely legit, but also difficult to pull off.
“We wish to point out these are technically sophisticated people who have devoted significant time and effort to this task,” the company said in a statement. “Before customers panic too much, please understand that this is not a trivially easy thing that just anyone can do.”
Still, ATI Systems—which develops emergency alert systems for universities, refineries, and military bases—developed a patch that the company can work with clients to install.
The city of San Francisco is fixing its own emergency alert system by installing a firmware upgrade that adds encryption to data sent to and from the emergency sirens. “Initial testing shows the firmware upgrade minimized the threat. Nevertheless, we will continue testing,” said Linda Gerull, the city’s executive director of the department of technology, in a statement.
A year ago, a siren hijacking incident grabbed headlines when a hacker exploited the emergency alert system in Dallas, Texas. The hacker tampered with an older radio control system, hijacking all 156 sirens in the city and making them blare over a dozen times.