Stations' Emergency Alert System Hacked, Warns of Zombies

KRTV Great Falls (Mont.), WBUP-WBKP Marquette (Mich.) among those hit; matter being investigated by FBI

By Michael Malone -- Broadcasting & Cable, 2/12/2013 10:25:39 AM

UPDATED: A hacker with an apparent taste for zombie culture reportedly broke into the Emergency Alert System at multiple TV stations and broadcasted a bogus zombie-related emergency. The message on KRTV Great Falls (Mont.) interrupted programming Feb. 11 and told viewers, in a garbled voice, that zombies were rising from their graves and hunting down the living.

"Our Emergency Alert System was hacked," said news director Heath Heggem. "The matter is under investigation."

The KRTV website added, "Our engineers are investigating to determine what happened and if it affected other media outlets."

"This appears to be a breach of security of a product used by some local broadcasters," said a spokesman for FEMA. "FEMA's integrated public alert and warning system was not breached or compromised and this had no impact on FEMA's ability to activate the Emergency Alert System to notify the American public.  FEMA will continue to support the FCC and other federal agencies looking into the matter."

Zombies have emerged as a pop culture phenomenon. AMC series Walking Dead returned Feb. 10 with 12.3 million viewers tuning in to the season premiere.

Compared with the massive numbers for AMC's show, the affected markets reach modest audiences. KRTV is a CBS affiliate with the CW on its dot-two. It is owned by Cordillera. Great Falls is DMA No. 190.

The Bachelorette and The Carrie Diaries were airing on WBUP-WBKP Marquette (Mich.) when the zombie message broke through the programming. "It appears to be the same content," says Cynthia Thompson, station manager and news director at the duopoly.

Thompson says local police, Michigan state police and the FBI are investigating, as is the FCC. "It involves all of them," she says. "You're dealing with a security issue, a communications issue, a safety issue."

She added that she believes a handful of stations in other states were hit by the zombie message.

Ed Czarnecki, senior director of strategy and regulatory affairs at Monroe Electronics, which manufactures EAS systems, noted that the events highlighted the importance of improved IT security at stations.

"There has been a lot of interesting speculation about what happened but the EAS devices were not themselves hacked," he argues. Rather someone or some group, hacked through the station's firewall and then was able to gain access to the EAS devices because the default passwords for the EAS devices were not changed.

"There is no flaw in the device, this is a matter of not updating the administrative password," Czarnecki said. In some ways, the bogus zombie alerts were a blessing in disguise, he added. "It is a reminder that stations need to inspect all of their devices and make sure they aren't set to factory defaults." In 2011, Monroe issued a white paper on best security practices.

Additional reporting by George Winslow and John Eggerton.