"Malicious intruders have hijacked US radio gear to turn emergency broadcast tones into a profanity-laced alarm system. That's according to the latest warning issued by the Federal Communications Commission (FCC), which has flagged a "recent string of cyber intrusions" that diverted studio-to-transmitter links (STLs) so attackers could replace legitimate programming with their own audio - complete with the signature "Attention Signal" tone of the domestic Emergency Alert System (EAS)."
"According to the alert, the intrusions exploited unsecured broadcasting equipment, notably devices manufactured by Swiss firm Barix, which were reconfigured to stream attacker-controlled audio instead of station output. That stream included either real or simulated EAS alert tones, followed by obscene language or other offensive content. Stations in Texas and Virginia have already reported incidents, including one during a live sports broadcast and another on a public radio affiliate's backup stream."
"The FCC's notice doesn't just sound the alarm about the problem - it offers a checklist of "best practices" broadcasters should follow to avoid falling victim to similar hijacks. These include promptly patching and updating firmware, replacing default passwords with strong alternatives (and rotating them periodically), putting EAS and other critical audio gear behind firewalls or VPN-protected networks, restricting remote management to authorized devices, and systematically auditing logs for suspicious access attempts."
Malicious intruders hijacked US radio studio-to-transmitter links (STLs) to replace legitimate programming with attacker-controlled audio that included real or simulated Emergency Alert System (EAS) tones followed by obscene language. The intrusions exploited unsecured broadcasting equipment, notably devices from Swiss firm Barix, which were reconfigured to stream attacker audio. Stations in Texas and Virginia reported incidents, including one during a live sports broadcast and a public radio affiliate's backup stream; HTX Media in Houston confirmed explicit content on 97.5 FM. The FCC warned broadcasters and recommended patching firmware, using strong rotated passwords, VPNs or firewalls, restricting remote management, and auditing logs.
Read at Theregister
Unable to calculate read time
Collection
[
|
...
]