Feds Now Say Hackers’ Fake Zombie Emergency Alerts Targeted TV Stations Nationwide

At first it was hilarious, but now it has taken on a more ominous tone.

Last Monday, television station KRTV in Great Falls, Montana, aired a bogus Emergency Alert System message about the dead rising from the grave and zombies attacking the living. The message was delivered using FCC and EAS standard protocols complete with emergency tones. The incident triggered phone calls to the Great Falls police department.

KRTV officials confirmed their EAS system was hacked easily due to a password that had not been changed from the default factory setting. The story went viral nationwide, and was hilarious. Many of you watched the video clip here on our website.

However, it has taken on a far more serious tone as FCC officials say the cyber-attack was nationwide. According to Inside Radio magazine online, Bonneville Broadcasting officials in Salt Lake City said computer records showed somebody outside the country  was snooping around in their EAS system just after midnight Sunday.

The message apparently made it on the air at several HD channels in Salt Lake City. These channels are similar to the three-digit "over the air" channels we have in Tri-Cities for KEPR, KVEW and KNDU TV. A Los Angeles talk radio station was also targeted, but apparently their firewall kept the intruders from being able to get the message on the air.

Stations in Albuquerque, New Mexico, and Marquette, Indiana, also aired the fake zombie message. John Dehnel, chief engineer for Bonneville in Salt Lake City said this appears to be the work of a sophisticated hacker, not just some kid with a laptop:

Because of how the fake alert was created, such as using live codes, a duration time, and knowing how to send an audio cut, Dehnel is convinced the hackers know a lot about the inner-workings of EAS. 'A normal hacker hitting that thing would not know how to do that,' he says.

That is the part that disturbs broadcasters and FCC officials. While this zombie EAS message was a prank, officials fear what someone could do if they were able to authenticate and broadcast a fake message about something serious, such as an environmental emergency or terrorist attack. And aside from ourselves and others in broadcasting, the general public has almost no knowledge of how the EAS system works. The feds don't dispense that information to people who don't need to know it. How did the hackers get it?

Broadcasters across the country are being urged to change their EAS passwords and throw up protective firewalls to prevent hacking. Rest assured, Newstalk 870 and our four sister Townsquare Media stations (KORD, 97Rock, 98.3 The Key, and 97.5 KOOL FM) were already password and firewall protected.

While we in broadcasting enjoy a good prank, this is not that. The newly-upgraded EAS system is in place for a reason: to alert the public about serious events and emergencies.  We wonder if this was a "test run" by these hackers and if they will try something more dangerous further down the road?