UK Emergency Alerts: Has my phone been hacked? All your security questions, answered

UK Emergency Alerts: Has my phone been hacked? All your security questions, answered

Key mobile security experts explain how the new alert system works – and whether it could be hijacked by hackers.

Save 40% when you subscribe to BBC Science Focus Magazine!
Published: April 23, 2023 at 1:17 pm

No, it’s not a scam: If you receive an alert this weekend claiming to be from a new emergency system, it’s a genuine message from the UK government.

The alert, accompanied by a siren noise, is scheduled to reach UK smartphones and tablet devices connected to 4G and 5G phone networks at 3pm on Sunday 23 April 2023.

The UK government has said that in future the Emergency Alerts system will tell you if there is a danger to your life nearby. The message on Sunday is only a test and is not informing you of a real threat.

But how exactly will the government use this system in future? Does the emergency system effectively hack your device to show this alert? And could the system itself be hacked in future? With help of security experts, we answer all these questions and more below.

What is the UK Emergency Alert system?

Emergency Alerts is a new service that the UK government or emergency services will use to warn you if there’s a danger to your life nearby.

On Sunday, there will be a national test of the service across all devices connected to a 4G or 5G network.

In England, Northern Ireland and Scotland, the message will read: "This is a test of Emergency Alerts, a new UK government service that will warn you if there's a life-threatening emergency nearby.

"In a real emergency, follow the instructions in the alert to keep yourself and others safe.

"Visit gov.uk/alerts for more information.

"This is a test. You do not need to take any action."

In Wales, the message will also include a Welsh translation.

The message is designed to appear on your home screen alongside a loud siren-like sound (or vibration, if your phone is on silent) lasting 10 seconds.

To get rid of this message, simply swipe it away or click ‘okay’, as demonstrated here. If you accidentally swipe away from an alert before reading it, you can see what alerts are active via the UK government website.

Read more:

Which devices will receive the alerts?

Most Apple and Android devices that can connect to a 4G or 5G phone network in the UK will receive emergency alerts.

To receive alerts, your device needs to be using these operating systems:

  • Phones running iOS 14.5 or later
  • phones and tablets running Android 11 or later

Older phones, or those set to aeroplane mode or turned off, will not receive the alerts. Devices that are only connected to a wifi network will also not receive the alert.

Will the government use the Emergency Alerts system to hack my phone?

No, the Emergency Alerts system does not work by hacking your device, and the message does not gather data from your phone.

As Prof Nigel Linge – telecommunications expert at the University of Salford, Manchester – explains, the alert instead works by sending a one-way signal from standard mobile phone masts to all devices in the area.

“Think of it in the same way as how a programme on BBC One is broadcast via a transmitter mast and received by any television within range of that mast and is tuned to that particular channel,” he tells BBC Science Focus.

“No personal data is involved in the process and the Government won’t even know which phones have received the message because it is a one-way process.

“The Emergency Alert system has absolutely nothing to do with phone hacking.”

The UK government has also said: “The emergency services and the UK government do not need your phone number to send you an alert. Data about you, your device or location will not be collected or shared.”

Linge adds: “Should people be concerned then they can configure your smartphone to ignore such alerts.”

Read more:

How can I disable emergency alerts on my phone?

While it is not recommended – the messages are intended to alert you of dangerous events nearby – you can disable these messages on your device.

Here's how:

iPhones

  1. Open your settings menu
  2. Press notifications, then scroll to emergency alters
  3. Toggle off “Extreme Alerts” and “Severe Alerts”

Android devices

  1. Open your settings menu
  2. Press “safety and emergency”
  3. Press “Wireless emergency alerts”
  4. Toggle off “Allow alerts”

Could the Emergency Alerts system itself be hacked?

Although there is no indication that the UK’s Emergency Alerts service is especially vulnerable, the system is unlikely to be completely protected.

"No system is 100 per cent secure," Prof Mark Ryan, head of theCentre for Security and Privacy at the University of Birmingham, tells BBC Science Focus.

"The system will employ passwords and other authentication mechanisms – the weakest link is likely to be the way in which those credentials are stored and shared."

Security concerns have been raised about alert services around the world. For instance, in 2022, the Department of Homeland Security in the US announced that it was forced to fix a system flaw that allowed hackers and scammers to send out alerts to mobile devices.

While not a hack, worrying alerts can also be sent accidentally. In 2018, residents in Hawaii were falsely warned of an incoming ballistic missile attack.

How might Emergency Alerts be used in the future?

The test on Sunday will be sent across all phone masts in the UK. However, future alerts may only cover specific areas to warn about rare emergency events such as severe flooding, fires or extreme weather.

“The test will be carried out nationwide within the UK, but the service does provide for a more localised option,” explains Linge.

“For example, if there was a terrorist attack within a city centre, then an emergency alert could be sent only to those phones that are physically close to where that attack occurred.”

Many countries around the world use such localised alert systems, including the US, Japan, France and Australia.

About our experts

Nigel Linge is a professor of Telecommunications at the University of Salford, Manchester. He researches the workings of 5G networks and location-based services. His work has been published in journals including Security And Communication Networks and the Journal Of Computational And Theoretical Nanoscience.

Mark Ryan is a professor in computer security at the University of Birmingham, where he leads the Centre of Security and Privacy. His research has been published in journals including the International Journal Of Information Security and The Computer Journal.

Read more:

©Lorenzo Ranieri Tenti