WASHINGTON – The Federal Communications Commission is requiring all broadcast and cable operations to secure their Emergency Alert System equipment. The commission issued an urgent advisory yesterday after EAS systems were hacked at several stations and fake alerts about zombie invasions were transmitted. The EAS system was transitioned in recent years to an Internet Protocol format and a Common Alerting Protocol that makes it available to all manner of public-safety authorities, but also vulnerable to hacking.
The FCC urged participants “to take immediate action to secure their CAP EAS equipment, including resetting passwords, and ensuring CAP EAS equipment is secured behind properly configured firewalls and other defensive measures. All CAP EAS equipment manufacturer models are included in this advisory.”
The advisory directs “all broadcast and cable EAS participants… to take the following actions immediately:
1. EAS participants must change all passwords on their CAP EAS equipment from default factory settings, including administrator and user accounts.
2. EAS participants are also urged to ensure that their firewalls and other solutions are properly configured and up-to-date.
3. EAS Participants are further advised to examine their CAP EAS equipment to ensure that no unauthorized alerts or messages have been set (queued) for future transmission.
4. If you are unable to reset the default passwords on your equipment, you may consider disconnecting your device’s Ethernet connection until those settings have been updated.
5. EAS Participants that have questions about securing their equipment should consult their equipment manufacturer. The advisory is avalable at /portals/0/FCC Urgent EAS Advisory.pdf
More about regulatory and standards
