Not every broadcast engineer is a member of the Society of Broadcast Engineers — although everyone should be, in my opinion.
On Feb. 4, this message was sent by the FCC to SBE to disseminate to its members regarding more reports of cybersecurity threats to transmitters. For those of you who missed it, the message reads:
The Federal Communications Commission is requesting your assistance in disseminating the information below to your organization’s members.
It has come to our attention that unauthorized persons recently may have illegally gained access to certain audio streaming devices used by broadcasters, and may have transmitted potentially offensive or indecent material to the public. We believe that the reported cases involved unauthorized access to equipment manufactured by Barix, which some licensed broadcasters use for studio-to transmitter (STL), remote broadcast (remote) and similar audio connections. We understand that the unauthorized access to the devices may be due, in part, to instances where the licensee fails to set a password for devices with no default password, or to reset default passwords on the Barix device.
We urge licensees to take all available precautions to prevent future unauthorized transmissions. In many cases, there may be simple, practical solutions to prevent such situations from occurring. For example, we strongly encourage licensees that use Barix devices, as well as other transmitting equipment, to check and, if necessary, add a password, or reset existing passwords with new, robust passwords. Similarly, if a broadcast station experiences turnover in staff who had access to passwords, we encourage licensees to reset the password to ensure future security. We also recommend that broadcasters investigate whether additional data security measures, such as firewalls or VPNs configured to prevent remote management access from other than authorized devices, in some cases, could be implemented to preserve this potentially critical part of the broadcast transmission chain. If you suspect that broadcast equipment has been subject to attempts at unauthorized access, we also recommend that you contact the equipment manufacturer and/or a data security firm. We also suggest that you notify the FCC Operations Center at 202-418-1122 or FCCOPCenter@fcc.gov of suspected unlawful access.
If you have any questions, please contact Lark Hadley, the regional director for the Enforcement Bureau’s Region Three via WR-Response@fcc.gov.
FCC/Enforcement Bureau/Office of the Field Director/Field Director