“Zombies” attack Emergency Alert Systems of local TV stations

It was a bizarre emergency announcement: “Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages onscreen that will be updated as information become available. Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous.”

Those strange words came as an Emergency Alert System (EAS) voiceover warning last week at CBS affiliate KRTV in Great Falls, MT. It was preceded by the standard EAS attention signal during a broadcast of “The Steve Wilkos Show” on the station.

The same content was also broadcast on WBUP-WBKP in Marquette, MI, during the airing of ABC’s “The Bachelorette” and The CW network’s “The Carrie Diaries.” There were also reports that the message may have been broadcast at other small stations in the U.S.

Following the breach that had occurred to its EAS equipment, KRTV issued its own statement: “Someone apparently hacked into the Emergency Alert System and announced on KRTV and the CW that there was an emergency in several Montana counties,” the station said. “This message did not originate from KRTV, and there is no emergency. Our engineers are investigating to determine what happened and if it affected other media outlets.”

The FBI, local police and FEMA are also investigating the incident.

“We can report in the city, there have been no sightings of dead bodies rising from the ground,” Lt. Shane Sorensen of the Great Falls Police Department told the Great Falls Tribune.

FEMA was taking the matter more seriously. A spokesperson said the integrated public alert and warning system was not breached or compromised, and the breach had no impact on FEMA’s ability to activate the Emergency Alert System to notify the American public of emergencies. 

According to Monroe Electronics, a manufacturer of EAS Systems, the EAS devices themselves weren’t hacked. It was operator error. Upon receiving EAS gear, stations are supposed to institute their own passwords and override the default setup.

In this case, Monroe said, someone hacked through the television station’s firewall and was able to gain access to the EAS devices because the default passwords for the EAS devices had not been changed.

A spokesman for the company said stations need to inspect all of their EAS devices to make sure they aren’t set to factory defaults. It has put out a white paper with security warnings about such scenarios.

Zombies are currently a pop culture phenomenon in the U.S. "Walking Dead," an AMC series, returned Feb. 10 with 12.3 million viewers tuning in to the season premiere. There was some media speculation that the hack might have been a promo for the show.

If so, someone was taking a big risk. They could face misdemeanor charges of “tampering with a safety device,” which includes penalties of up to a year in jail and a $1000 fine.