A group of IT system audit specialists managed to spoof the presidential alert system, sending a fake message that cannot be blocked to the phones of attendees at a football stadium with a capacity of 50,000 people.
The team, made up of researchers from the University of Colorado Boulder, found a way to spoof the alert and send it using software-defined radio, which is available to any user in any store; in addition, the experts made some modifications to the open-source NextEPC and srsLTE libraries. The experiment showed an effectiveness rate of 90%.
According to the IT system audit specialists, the Wireless Emergency Alert (WEA) system is operated by the U.S. Federal Emergency Management Agency and aims to ensure rapid and effective communication between the US President and citizens in the event of an emergency. These presidential alerts cannot be disabled or blocked; in other words, whether the danger is real or a false alarm, phones will always receive these alerts.
In their research, the specialists mention that they used portable base stations to mimic the LTE signal sent by mobile towers. The tests were conducted at Folsom Field at the University of Colorado, which has a capacity of 50,000 people; although the alerts didn't reach that entire audience, the experts found that they were able to send these messages to both Android and iOS users.
“Using four portable base stations of only a watt of power we were able to send the message to almost every spectator in the stadium with a success rate of just over 90%,” the researchers explained.
According to IT system audit experts at the International Institute of Cyber Security (IICS), threat actors could use a similar attack to deceive tens of thousands of people with fake messages announcing anything from alleged terrorist attacks to natural disasters.
Researchers believe they have discovered a massive vulnerability in the U.S. mobile network and, while they claim that the problem can be fixed, none of the possible solutions will be easy to implement.