On February 11, 2013, the Emergency Alert System (EAS) of five different television stations across the U.S. states of Montana, Michigan, Wisconsin, and New Mexico were hijacked, interrupting each television broadcast with a local area emergency message warning viewers of "bodies of the dead" whom are "attacking the living". The message was subsequently declared as a hoax by local authorities and was reported to be a result of hackers gaining access to the Emergency Alert System equipment of various television stations.[1][2][3][4][5]
The first incident took place in Great Falls, Montana, during an afternoon airing of The Steve Wilkos Show on CBS affiliate television station KRTV. The television signal was abruptly interrupted by an audible local area emergency alert reading "Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living". Later the same day the stations of CBS affiliate WKBT-DT, ABC affiliate WBUP, and PBS member station WNMU in Marquette, Michigan, and La Crosse, Wisconsin, respectively, had their Emergency Alert System hijacked, transmitting a similar hoax alert during their primetime programming hours. Not long afterwards, the television broadcasts of PBS affiliate KENW in Portales, New Mexico were also interrupted by the false alert. The hijackers were never identified or apprehended by authorities.[6][7]
Just two days after the initial hijackings on February 13, 2013, a morning show on WIZM-FM in La Crosse aired an audio recording from the hoax alert, which triggered WKBT-DT's Emergency Alert System once more, relaying the message over the television station's broadcast signals. On February 28, 2017, radio station WZZY in Winchester, Indiana, had their emergency alert equipment hijacked in an almost identical manner using the same "zombie apocalypse" hoax audio message as the one used in the incidents in 2013.[8][9][10] CBS, ABC, and PBS hardware engineers who investigated the initial incidents reported that the hijackers likely gained access to the Emergency Alert Systems through a variety of weaknesses in the various station's emergency alert equipment, including a vulnerability in the machine's authentication bypass security and the usage of default passwords that were listed on online user manuals.[11][1]
Hijackings
All five emergency alert hijackings took place on February 11, 2013, in Great Falls, Montana, Marquette, Michigan, La Crosse, Wisconsin, and Portales, New Mexico. The hijackings primarily compromised the television stations of KRTV, WKBT-DT, WBUP, WNMU, and KENW; however, the incident also led to stations ABC10 and its sister station CW 5 to disconnect their networks from the EAS system to prevent further intrusions. WKBT-DT was also struck again with the same hoax alert only two days after the initial incidents after a morning show on WIZM-FM triggered WKBT's Emergency Alert System. In February 2017, radio station WZZY in Randolph County, Indiana, was also hijacked with an identical "zombie apocalypse" EAS alert as the ones in 2013.[1][6][7]
Methods
There are numerous methods hackers will use to hijack the Emergency Alert System; however, the likely method used by the hijackers of the "zombie apocalypse" hoax, as reported by authorities and the television station engineers, was that the hackers were able to gain access to the emergency alert equipment via default system passwords that were listed in public user manuals. This would have came as a result of television station broadcasters neglecting to change the factory default logins and passwords on their equipment.[11][28][29]
Government response
A failure to prevent access into emergency alert equipment by broadcasters has been the subject to most of cybersecurity breaches of the Emergency Alert System. As a result, the federal government has made numerous statements to television broadcasters that a neglection to investigate unpatched software vulnerabilities and failure to implement secure passwords for EAS machines will lead to a massive failure in equipment security and a major cybersecurity breach such as the one in 2013.[30]
Aftermath and investigation
Following the hijacking incidents, both the FCC and the FEMA urged the broadcasters involved in the incidents to reset their passwords and recheck security measures. Trade groups, including the Michigan Association of Broadcasters, also requested that its partnered television stations, including WBUP and WNMU in Michigan, to update any unpatched security vulnerabilities of their emergency alert devices.
Investigations into the hijackings occurred via both local and federal authorities, with possible investigations partaken by the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC), who initially detected that the hijackings came from an overseas source.[32]
Shortly after the hijackings occurred, the Great Falls Police Department announced to the Great Falls Tribune that the alert was a hoax and there was no danger in the areas surrounding Great Falls. Similarly, almost immediately after the false emergency message aired, KRTV announced on air: "This message did not originate from KRTV, and there is no emergency".[33][34][35]
See also
- Broadcast signal intrusion
- Emergency Alert System
References
- Dan Goodin. Bogus zombie apocalypse warnings undermine US emergency alert system Ars Technica, 2013-02-14, retrieved 2023-10-29^
- Mathew J. Schwartz. Zombie Alert Hoax: Emergency Broadcast System Hacked Dark Reading, 2013-02-12, retrieved 2023-10-29^
- Melissa Anders. Zombie apocalypse now? Michigan TV stations' Emergency Alert Systems hacked with notice of walking dead