The Federal Communications Commission (FCC) is warning broadcasters that they must maintain cybersecurity standards after a cyber breach resulted in the broadcast of obscene materials and a false emergency alert.
In a Nov. 26 memo, the FCC’s Public Safety and Homeland Security Bureau said that broadcasters must ensure the security of their broadcast networks and systems.
The reminder follows a string of recent cyber intrusions after threat actors gained access to improperly secured Barix equipment through a compromised studio-transmitter link, the FCC said.
“Affected stations broadcast to the public an attacker inserted audio stream that includes an actual or simulated Attention Signal and [Emergency Alert System (EAS)] alert tones, as well as obscene language, and other inappropriate material,” the memo states.
All broadcasters, especially those using Barix equipment, should take steps to secure it, the memo said, including installing software security patches when they become available, changing devices’ default passwords, utilizing network firewalls when possible, monitoring equipment, and reviewing recommended best cybersecurity practices.
“We encourage broadcasters to contact their EAS equipment manufacturers with any specific questions regarding the security of EAS equipment,” the FCC said.
“If you suspect that broadcast equipment has been subject to attempts at unauthorized access, we recommend you contact the equipment manufacturer and/or a data security firm,” the agency added.