Emergency Alert System (EAS) Vulnerability
We recently became aware of certain vulnerabilities in EAS
encoder/decoder devices that, if not updated to most recent software
versions, could allow an actor to issue EAS alerts over the host
infrastructure (TV, radio, cable network).
https://content.govdelivery.com/accounts/USDHSFEMA/bulletins/3263326
************************ Moderator's Note ************************
Sometime in the 1970's there was an accidental "activation" of
what used to be called the "Conelrad" system. The Pentagon said
that a civilian employee at Cheyenne Mountain had accidentally
put the wrong punched tape into the teletype which was connected
to the UPI and AP networks, and supposedly there was widespread
panic and terror.
Accept there wasn't.
The event was barely noticed, for several reasons:
1. The radio stations that wern't part of Conelrad were supposed to go
off the air, leaving only one or two transmitter operating on the
"Conelrad" channels that were marked on all the AM radios. However,
the technicians who were supposed to be told to turn them off never
got those orders, because either
A. The station managers and supervisors refused to sacrifice the ad
revenue they were getting by staying on the air, and they all
figured that it was a mistake anyway, knowing that if they were
wrong, it wouldn't matter..
B. The "alert" receivers which were supposed to wake up station
personnel to the fact that the world was theoretically about to
end hadn't been maintained, and many of them had been tuned to
the wrong channels, so the "chain" of alerts which had been
planned, where stations "A" would send an alert, and that would
be answered by station "B," and then by "C," either didn't start
at all, or petered out at the first station that didn't get the
alert from their upstream link, and therefore didn't do anything
at all.
2. Conelrad had a network of specially-equipped stations, one or two
per area: they had specially-built transmitter which could, in
theory, switch to the "Conelrad" frequencies that all the drivers
in all the cars were expected to tune to when their regular
stations went off the air. The idea was that, since the plan for
which stations would remain on the air was "secret," that the
invading hordes of bombers couldn't use the AM stations to navigate
to their targets, since only one or two stations would remain on
the air, and the bomber navigators wouldn't know where the radio
signals were coming from.
I later heard, from the "old hands" at radio stations where I
worked, that the switching mechanisms either failed for lack of
maintenance, or couldn't be used because nobody had accounted for
the changes in the stations' antenna arrays which had to be made in
order to allow the transmitters to switch channels with only DJ's
or supervisors on hand to make the needed adjustments. I'll spare
you the details, but the antennas were a much bigger problem than
anyone had expected.
The post-event fault-finding went up and down the chain of command,
with everyone from SAC to the Congress to the White House saying we
had to get a new, more reliable system.
Accept, we didn't.
The alerting system required all radio stations to have an alerting
receiver turned on and able to respond to the "alert" tone, and thus
cause the reactions that the Conelrad planners had assumed would be
dutifully executed by all the folks in radio-land. Both before and
after the false alarm, it was a disaster of magical thinking,
containing assumptions about how all the people involved would
automatically do the "right thing," without questioning the source of
the information or the consequences if they ignlored the alerts.
It failed of its own weightr: the uniformed automatons of WOrld War II
had come home, gotten married, and had kids - they or their children
weren't able to imagine such a great catastrophe as a nuclear war, and
they mostly chose to ignore those few alerts which survived the
multiple points of failure that the designers hadn't counted on.
The Conelrad system is still mentioned in business school courses
about disaster preparedness. It's in the sections on how NOT to do it.
Bill Horne
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)