SirenJack: Hackers can hijack emergency alert sirens with a $35 radio and laptop

Thanks to a flaw in popular emergency alert systems, hackers with knowledge of radio frequencies could remotely hijack the system with as little as a laptop and a $35 two-way radio and activate the sirens, trigger false alarms, or even broadcast any audio of their choosing.

The vulnerability, dubbed SirenJack, is in emergency alert systems manufactured by Acoustic Technology Inc., aka ATI Systems. It was discovered by Balint Seeber, a researcher at security firm Bastille, after he determined that the RF signals used in San Francisco’s emergency alert system were not encrypted; the activation commands were sent “in the clear.”

Where ATI emergency alert systems are used

ATI emergency alert systems are used in cities such as San Francisco and Wichita, Kansas, as well as “other large urban and rural communities, military installations, universities, and industrial sites including oil and nuclear power generation plants, potentially affecting millions of people.”

Read more – CSO: