Government warns new emergency alert system can be hacked: Video appears online showing how fake alerts can be sent to phones within a mile
Britain’s new emergency alert system could reportedly be exploited by hackers with less than £1,000 worth of equipment and a video tutorial.
At 3 p.m. Sunday, millions of cell phones and tablets will begin blaring a shrill alarm during a nationwide test of the new public alert system.
The emergency warning system, which has been heavily criticized by women’s charities and former ministers, is intended for use in life-threatening situations, including floods and wildfires.
However, government sources have confirmed this The Telegraph that it was possible to hack into the system using a laptop and a transmitter that tricks devices into believing an alert has been sent.
It is feared that hackers could use this simple technology to send fake alerts within a mile radius, which could lead to mass panic in crowded areas such as stadiums or busy train stations.
Britain’s new emergency alert system can be infiltrated by hackers with less than £1,000 and an online tutorial. (file image)
At 3 p.m. Sunday, millions of mobile phones and tablets will begin blaring a shrill alarm during a nationwide test of a new public warning system
Hackers or protesters could use a YouTube video created by American computer academics to highlight the system’s vulnerabilities — which have not been patched since they came to light in 2019.
The Telegraph understands that hackers can alert those within a mile of a false missile strike, natural disaster or terrorist incident.
University of Colorado Boulder academics warned that “false alerts in crowded cities or stadiums could potentially lead to cascades of panic.”
“We find that with just four malicious portable base stations of a single watt of transmit power each, almost the entire 50,000-seat stadium can be attacked with a 90 percent success rate,” they said.
“This attack can be made with commercially available software-defined radios costing less than $1,000 and a few modifications to open source software.”
They said they disclosed their discoveries to “several relevant parties,” including the US government.
While there are concerns that the UK’s warning system could be vulnerable to the same attacks, the government has rushed to allay fears.
A government spokesman said: “Our emergency alert system is highly secure and has been developed in collaboration with government cyber experts. The system will only be used in a very limited number of life-threatening circumstances and all warnings will be published on gov.uk at the same time as they are broadcast.”
Automotive groups have warned that drivers could become distracted when their phones receive the warning
Rishi Sunak defended the emergency warning system and begged the British not to disable the feature
The UK’s National Cyber Security Centre, which is responsible for securing the system, believes hacking is possible but unlikely as there have been no recorded incidents since the US launched its alerts in 2018.
As those involved in the rollout of the UK’s emergency alert system rushed to promote it, several campaign groups have condemned the move.
Cyber experts have warned that the national siren alert has created a “perfect opportunity” for scammers to launch phishing attacks on the public.
There is also anger that the contract to implement the scheme, worth nearly £5.7million of taxpayers’ money, has gone to Fujitsu, the technology giant behind the Post Office IT scandal that saw innocent postal workers jailed.
Meanwhile, motorists warned drivers could become distracted or risk breaking the law by clearing the home screen behind the wheel.
And women’s charities fear the warning could tip off abusers about hidden “lifeline” phones secretly used by victims of domestic violence.
While many Brits scrambled to figure out how to disable the feature, Prime Minister Rishi Sunak pleaded with the public to heed the warnings ahead of the controversial test this weekend.
A similar alert was issued in the United States last year, with the Department of Homeland Security saying hackers could exploit a software flaw in the Emergency Alert System to send false alerts over radio and TV stations.