EAS experts are cautioning broadcasters to change the password of their Emergency Alert System because of three known hacking incidents.
The first occurred in Montana; today, we learn of two others in Michigan.
The SBE National EAS committee urges station personnel to make sure the password of their Web interface for their Common Alerting Protocol EAS encoders/decoders is different from the factory default to thwart more potential hacking incidents.
Several broadcasting Listservs are reporting attempts to hack into EAS encoders/decoders with the apparent intent of transmitting bogus alerts.
The first station says a bogus alert aired yesterday. KRTV(TV), Great Falls, Mont., says hackers breached their EAS and announced that there was an emergency in several Montana counties. “This message did not originate from KRTV and there is no emergency,” said the station on its website, which added that its engineers were looking into what happened and if other stations were affected as well.
The fake alert warned about “dead bodies rising from the grave, and attacking the living,” according to the Great Falls Tribune, which added that the fake alert was also on the station’s website and Facebook page before being removed.
One engineer in Salt Lake City said on the SBE EAS Listserv he headed off such an attack: “There was no record of anything received on the box (CAP or legacy) but there was a transmission about bodies rising from the grave under a CEM header. I headed it off before any of our main channel stations aired it but it did auto-forward to our HD2 channels, as such an ‘emergency’ should have.”
The Mining Journal in Marquette, Mich. reports the “zombie” bogus alerts aired on two television stations in the Upper Peninsula as well: WNMU(TV) and WBUP(TV).
WNMU GM Eric Smith told the Journal this morning authorities found the source of the hacking overseas and the loophole in his station’s system has been closed.
The FCC and FBI were reportedly involved in investigating the incidents, along with local and state authorities, according to the account. RW is trying to confirm that information.
Engineers stress that stations should ensure their IP network for any piece of gear is firewall-protected and has a strong password.