Security Experts:

Root SSH Key Compromised in Emergency Alerting Systems

Digital Alert Systems From Monroe Electronics Contain a Known SSH Private Key and are Vulnerable to Remote Attack

File this one among the stories that fell through the cracks due to the 4th of July holiday in the U.S. According to a July 3 advisory from the Department of Homeland Security’s ICS-CERT, the Root SSH Key for Monroe Electronics emergency alert systems has been compromised. 

The private SSH key used in firmware images prior to version 2.0-2 of Monroe’s DASDEC-I and DASDEC-II, which are emergency alert system (EAS) encoder/decoder devices used to broadcast EAS messages over digital and analog channels, has been compromised – though how it happened exactly remains a puzzle. 

Emergency Alerting System Can be HackedThe SSH key was hardcoded into the devices, which is bad form really. Most programmers avoid it, but those who use hard-coded crypto keys in their firmware often do so because they feel it is safer than using hard-coded passwords. In reality, this sense of security is a false one.

In the case of Monroe’s hardware, unless the default settings were altered during deployment, then the impacted systems are using a known key that enables remote access – meaning an attacker would have no problems accessing them if they are publically faced or if they’ve already compromised the network. 

The vulnerability was discovered by Mike Davis, a principal research scientist at IOActive

“Earlier this year we were shown an example of an intrusion on the EAS when the Montana Television Network’s regular programming was interrupted by news of a zombie apocalypse. Although there was no zombie apocalypse, it did highlight just how vulnerable the system is,” Davis said.

“These DASDEC application servers are currently shipped with their root privileged SSH key as part of the firmware update package," he continued. "This key allows an attacker to remotely log on in over the Internet and can manipulate any system function. For example, they could disrupt a station’s ability to transmit and could disseminate false emergency information."

Monroe told customers about the problem in April, but have remained silent with regards to how the compromise was brought to their attention. They did however; tell customers that passwords were no longer being hard coded and that changes to password handling were implemented as part of the patching process.

"The EAS is designed to enable the President of the United States to speak to US citizens within 10-minutes of a disaster occurring," IOActive explained.  "In the past these alerts were passed from station to station using the Associate Press (AP) or United Press International (UPI) 'wire services' which connected to television and radio stations around the US. Whenever the station received an authenticated Emergency Action Notification (EAN), the station would disrupt its current broadcast to deliver the message to the public."

According to an advisory from the company, most (but not all) of their customers have installed the updated firmware.  

"For any of these issues to be resolved, we believe that re-engineering needs to be done on the digital alerting system side and firmware updates to be pushed to all appliances,” Davis said.

Additional technical details on the vulnerabilities from IOActive are available here.

*Updated with revised headline, additional information from IO Active. Additional reporting by Mike Lennon

Subscribe to the SecurityWeek Email Briefing
view counter
Steve Ragan is a security reporter and contributor for SecurityWeek. Prior to joining the journalism world in 2005, he spent 15 years as a freelance IT contractor focused on endpoint security and security training.