More than 100 emergency sirens blanket the City of San Francisco, ready to warn locals in the event of a flood, a fire, an earthquake, or terrorism. And while true emergencies are few and far between, everyone in the Bay Area knows the siren’s racket, even if they’ve trained their ears to tune it out.
Redolent of an wartime air raid, the sirens wail precisely at noon each Tuesday, rising and falling, eerily and slow. “This is a test,” a voice follows. “This is a test of the outdoor warning system. This is only a test.” And thus concludes the Tuesday midday siren.
What the residents don’t know is that their siren has long been vulnerable to attack. Triggering the sound for malicious or mischievous purposes isn’t stupid-easy, but for a person educated in radio-frequency security, who has $30 to blow at an electronics store, there’s virtually nothing to stop them from bathing the city in obnoxious tones for hours on end.
Worst still, the same vulnerability might very well affect similar emergency systems in countless other cities, universities, and public utilities installations (read: nuclear power plants).
Two years ago, a software engineer—originally from Australia—moved to San Francisco from South Bay and noticed the sirens everywhere he went. Perched atop poles, and often intentionally positioned so as not to “adversely affect residents by blocking their views,” most people wouldn’t give it a second thought. But the engineer, Balint Seeber, just happens to be obsessed with electromagnetic radiation—in particular, the range of frequencies most of us simply refer to as “radio.”
Examining the sirens, installed by a company called Acoustic Technology, Inc, or ATI Systems, Seeber, the director of vulnerability research at Bastille Networks, deduced that all were triggered by RF (radio frequency). And of course they are. It would be incredibly inefficient to do it any other way. Why on earth would the city run miles and miles of electric cable to over a 100 points in the city when sweet, wireless radio is so cheap and easy to use?
With access to a specially licensed frequency, there’s virtually nothing to impede the signal sent once a week by the city’s emergency management department. What’s more, test signals, not intended to trigger the sirens, can be sent just as easily, ensuring that the system is on standby for when it is needed most.
It’s nearly foolproof. Nearly.
It’s not clear what possessed him to do it, but on one Tuesday, shortly before noon, Seeber connected a radio transceiver to his laptop and prepared to scan the airwaves for the siren system’s signal. As it blared, he searched the spectrum broadly, scanning for any activity that matched the siren’s call. Eventually, he hit pay dirt.
ATI’s proprietary digital radio protocol, unfortunately, did not benefit from any security measures that would be useful in defending against malicious triggering, he found. “I was expecting some type of encryption might’ve been applied that would have yielded packets with random-looking data,” Seeber told Gizmodo. That wasn’t the case.
“These particular activation packets, as they call them, have the same structure every week,” he said. “So it became quickly very apparent that you could forge these packets. It’s not as simple as a replay attack,” he said, meaning you can’t just record the sound and re-emit it. “There’s a little more complexity to them. But not much more.”
What would it take then to actually trigger the sirens? Someone with an electrical engineering degree would be ideal. The most complex bit, of course, is finding someone to code the software needed to demodulate, replicate, and transmit the necessary RF signal.
San Francisco’s sirens are activated by a manned central controller strategically placed within the city. When an emergency calls, the controller transmits digital activation packets to a repeater, which, according to Seebe, is located in Twin Peaks, the city’s second highest summit and geographical center.
The repeater, having receiving the packets, in turn transmits the packets over a licensed frequency to the sirens, each of which contains a modem for demodulating the packets. Anyone who may intercept them, purposefully or by accident, will likely only hear what sounds like seemingly random tones firing in short bursts—a binary code unchanging week to week and the key to the siren’s annoying song.
A person who understands this technology as Seeber does should be able to decipher the flow of ones and zeros and, if they’re an asshole, wake up the entire city. (Oh, and they need that $30 radio, too.)
These signals can be scrambled, randomized, or in other words, encrypted, to stave off this type of malicious attacks. But according to Bastille, a firm that specializes in analyzing RF-based attacks—for banks, tech companies, as well as the government—many companies believe that merely developing their own radio protocol is security enough.
Having confidence that you’re secure simply because no one knows what the hell you’re doing is sometime called “security through obscurity.” Picture a safe with a locking mechanism that no one has ever seen—does that make it unbreakable? As Seeber deftly demonstrated, the obscurity trick doesn’t always work so well.
“What we find in our work in general is that in IoT and critical infrastructure and industrial control systems, a lot of companies decide that they’re going to implement a proprietary RF protocol—a radio frequency protocol—to communicate, and they may or may not add security to that,” Bastille’s chief revenue officer, Ivan O’Sullivan, told Gizmodo.
Seeber’s research, which was conducted passively—meaning, he never actually attempted to trigger the alarms himself—demonstrated that ATI had not attempted to encrypt its activation sequence, likely because it assumed anyone who happened to find it would have no idea what it was for.
According to its website, ATI has a host of featured clients one might recognize, among them One World Trade Center and West Point Academy. But it’s unclear which systems at which locations are similarly affected by the vulnerability. Bastille was, however, able to test Seeber’s discovery at one other location. The problem, it seems, is not San Francisco’s alone.
“[Seeber] went to the Midwest and proved it at a second location,” O’Sullivan said. “We know of at least two confirmed locations, and that’s what we’ve done so far, but we haven’t been able to travel to each of the locations.” The second location, Seeber informed Gizmodo, was in Sedgwick County, Kansas. Authorities there, he said, confirmed to Bastille that they’d been working with ATI to fix their problems as well.
“What we want now is to make sure that ATI’s other customers are made aware of the vulnerability, communicate with ATI, and work with them to take—and, if necessary, customize—the patch and get it out there,” added O’Sullivan said.
In a public statement Tuesday, ATI did not contest with Bastille’s findings. It did, however, urged its customers not to panic... too much.
“Bastille Networks, a company that offers visibility into known and unknown mobile, wireless and IoT devices within an enterprise’s corporate airspace, reported that by monitoring one of our systems for months, they have largely deduced the command format of our packets,” ATI wrote, adding: “This is likely true.”
It continued: “However, we wish to point out these are technically sophisticated people who have devoted significant time and effort to this task. Before customers panic too much, please understand that this is not a trivially easy thing that just anyone can do. Spoofing our current protocol is still several orders of magnitude harder than spoofing a DTMF-based siren system.” (DTMF tones, such as those used on old landlines telephones, have been used in the past to activate emergency systems.)
ATI confirmed that indeed it was issuing a patch to further safeguard its systems, at least ones not already protected from the vulnerability, which Seeber has named “Siren Jack.”
The sirens deployed by ATI on military bases, for instance, already use encrypted signals. The military’s equipment is considerably more expensive, however, and not every local government will be able to justify the expense, ATI said.
Thanks to Bastille, a patch created by ATI against Siren Jack is now currently being tested, and the company plan to roll it out soon. Unfortunately, it’s not as easy as it sounds. The sirens, ATI said, “are not mass market consumer items connected to the internet where you simply download a patch.”
San Francisco, at least, may be able to rest easy. Changes have been apparent, says Seeber, who continues to monitor ATI’s protocols from his home with his laptop and Amazon-bought radio. “I do see now various forms of new packets that do look more random,” he says. “And that makes me optimistic.”