Affected Systems

SirenJack is a vulnerability found in ATI Systems’ emergency alert systems that can be exploited via radio frequencies (RF) to activate sirens and trigger false alarms. 

Bastille is not prepared to discuss vulnerabilities that may or may not exist with other manufacturers. At this time the company can only comment on the vulnerabilities as they relate to ATI Systems. However, Bastille encourages other siren manufacturers to recognize this vulnerability and work together to reinforce that all emergency alert systems are secured and not vulnerable to exploitation.

Specific ATI Systems' emergency alert systems affected by SirenJack

| Vendor | Affected Devices | Bastille Advisory | Vendor Response | DHS ICS-CERT Advisory |
| --- | --- | --- | --- | --- |
| ATI Systems | Siren node models: HPSS16, HPSS32, MHPSS; System controller: ALERT4000 | Link to Advisory | Vendor Response | ICSA-18-100-01 |

Note: this list has been compiled to the best of our knowledge and may be incomplete. There may be other models/versions/revisions that are affected. The versions of the software/firmware running on the controller and nodes are not known. It is our belief that all versions of the custom radio protocol prior to the new patched version ATI Systems will be releasing are vulnerable. Customers should seek clarification from the vendor.

KNOWN DEPLOYMENTS OF ATI SYSTEMS EMERGENCY ALERT SYSTEMS

ATI customers include the City of San Francisco, other large urban and rural communities, military installations, universities, and industrial sites including oil and nuclear power generation plants.  Featured customers on the company’s website include One World Trade Center, Indian Point Energy Center nuclear power station, UMass Amherst, and the West Point Military Academy. 

If you suspect that a public emergency alerting system near you might be vulnerable to SirenJack, please let us know. We are unable to visit all locations, but if we have an update we will publish it.