Emergency Alert System hacked [telecom]


The government planned & designed a modification to the EAS (Emergency Alert System) that connects the EAS encoders at [all] the TV [stations], all cable channels, all satellite channels, and all broadcast radio stations to the */_Internet_/*.

When I first heard that plan a few years ago, I said "No, they can't be serious".

This happened yesterday, and I'm amazed it took so long:

formatting link

formatting link

Ken Hoehn

Reply to
Ken Hoehn
Loading thread data ...

formatting link

The link that Mr. Hoehm provided points to a story about how a fraudulent message was sent out over the Emergency Alert System equipment at several Midwest TV stations. The alert, which contained a warning about bodies rising from their graves and attacking the living, is shown on the U-Tube video linked above.

I interviewed Eric Smith, the General Manager at WNMU, which was one of the stations affected, and asked him to comment on various aspects of the incident. Mr. Smith's insights showed both a refreshing candor, and a command of network essentials that is rare among executives, and I pass them along to improve the ratio of bandwidth to content.

There were a couple of surprises: Mr. Smith took pains to say that the security lapse was outside the EAS itself, and that the breach occurred via equipment located at the TV station. He said "People were gaining accesss to these local boxes, and these were one of a kind attacks that they were executing". When I asked if the EAS transmissions were enciphered, Mr. Smith answered by saying "I'm convinced that EAS is secure": while I applaud Mr. Smith for not dodging the issue, I'm curious if the readers can provide information about the EAS, and if there's any legal restriction that might prevent us discussing it's setup or security.

The second surprise was, as I say, that Mr. Smith showed a level of candor that I find both refreshing and puzzling: I had a career as a broadcast engineer in a previous life, and I found out that hard way that TV stations aren't usually forthcoming when it comes to their internal politics or technology. Mr. Smith declared that "We were fortunate that the message was benign", and said "They did us a favor", when I asked about the security fault that enabled the attack. He went on to say "part of the problem is, sometimes as broadcasters we install these systems, and we're focused on implementation and operation instead of security."

When I asked for additional details, Mr. Smith said that "this has pointed out that security is as critical as some of the other considerations we have in maintaining these systems." He continued with a surprising analogy: "I kind of liken it to washing your hands. If you're not tuned in to germs and viruses, you don't see the need to wash your hands".

I wondered aloud if old analog techs like me, whom were trained to push amps out the antenna and condemned to endlessly pursue the last half-percent of harmonic distortion, were up to the task of securing digital equipment from intrusion. Although Mr. Smith didn't respond to my implied question directly, he did say that "there have been lots of improvements, and many changes, but along with that comes the need to recognize security and to make sure that staions have people who understand those issues and can take care of them."

In summary, then:

  1. This was a security breach in purpose-built equipment located at the stations in question.

  1. The EAS itself was not hacked: someone found a backdoor into local boxes.

  2. Although the possibility of the viewing public overreacting to a report of Zombies is admittedly remote, this breach reminds us of the Defender's Dilemma: security is about covering up *ALL* the holes, not just the ones that are obvious or known in the trade.

In closing, I pass along Mr. Smith's answer to my question "What would you change"? He said "I would have gone back during the installation process and I would have asked different questions. ... Security will now be as important as price, capabilities, and all those other things."

Bill Horne Moderator

Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.