Skip to main content

Stations' Emergency Alert System Hacked, Warns of Zombies

UPDATED: A hacker with an apparent taste for zombie culture
reportedly broke into the Emergency Alert System at multiple TV stations and broadcasted a bogus zombie-related emergency. The message on KRTV Great Falls (Mont.) interrupted programming Feb. 11 and told
viewers, in a garbled voice, that zombies were rising from their graves and
hunting down the living.

"Our Emergency Alert
System was hacked," said news director Heath Heggem. "The matter is
under investigation."

The KRTV website added, "Our engineers are
investigating to determine what happened and if it affected other media

"This appears to be a breach of security of a product used by some local
broadcasters," said a spokesman for FEMA. "FEMA's integrated public
alert and warning system was not breached or compromised and this had no
impact on FEMA's ability to activate the Emergency Alert System to
notify the American public.  FEMA will continue to support the FCC and
other federal agencies looking into the matter."

Zombies have emerged as a pop culture phenomenon. AMCseries Walking Dead returned Feb. 10with 12.3 million viewers tuning in to the season premiere.

Compared with the massive numbers for AMC's show, the affected markets reach modest audiences. KRTV is a CBS affiliate with the CW on its dot-two. It is
owned by Cordillera. Great Falls is DMA No. 190.

The Bachelorette
and The Carrie Diaries were airing on WBUP-WBKP Marquette (Mich.) when the zombie message broke through the programming. "It appears to be the same content," says Cynthia Thompson, station manager and news director at the duopoly.

Thompson says local police, Michigan state police and the FBI are investigating, as is the FCC. "It involves all of them," she says. "You're dealing with a security issue, a communications issue, a safety issue."

She added that she believes a handful of stations in other states were hit by the zombie message.

Ed Czarnecki, senior director of strategy and regulatory
affairs at Monroe Electronics, which manufactures EAS systems, noted that the
events highlighted the importance of improved IT security at stations.

"There has been a lot of interesting speculation about what
happened but the EAS devices were not themselves hacked," he argues. Rather
someone or some group, hacked through the station's firewall and then was able
to gain access to the EAS devices because the default passwords for the EAS
devices were not changed.

"There is no flaw in the device, this is a matter of not updating the administrative password," Czarnecki said. In some ways, the bogus zombie alerts were a blessing in disguise, he added. "It is a reminder that stations need to inspect all of their devices and make sure they aren't set to factory defaults." In 2011, Monroe issued a white paper on best security practices.

Additional reporting
by George Winslow and John Eggerton.