"In some cases, the Attention Signal of the US Emergency Alert System was also misused, a warning sound that precedes official announcements about tornadoes, hurricanes, earthquakes, and other emergencies. The FCC confirms that attackers were able to reconfigure the devices so that they no longer transmitted the regular program stream, but instead transmitted an audio source controlled by the attackers."
"The problem seems to lie mainly with Barix devices that are connected to the internet without adequate security measures. Devices were often found to have default passwords or were open to external access without filtering. Once inside, attackers could easily change the audio stream or inject Emergency Alert System tones. The FCC emphasizes that broadcasting actual or simulated EAS signals without authorization is a serious violation, as these signals are intended for official emergency communications."
"Broadcasters are strongly advised to install software updates and firmware patches immediately, replace default passwords with strong alternatives, and place their equipment behind firewalls. The FCC also requests active monitoring of log files to detect unauthorized access more quickly."
Attackers have hijacked radio broadcasts by exploiting insecure studio-transmitter links and internet-accessible Barix audio equipment. Malicious actors gained unauthorized access to inadequately secured devices, reconfigured them to transmit attacker-controlled audio, and in some incidents injected or misused the Emergency Alert System Attention Signal. Several cases occurred in Texas and Virginia, where offensive material briefly aired. Devices were often reachable with default passwords or without access filtering. The FCC warns that broadcasting real or simulated EAS tones without authorization is a serious violation and urges immediate patching, strong passwords, firewalls, and active log monitoring while following established security guidelines.
Read at Techzine Global
Unable to calculate read time
Collection
[
|
...
]