UPDATE: EAS hacker found

The hacker responsible for creating and airing a bogus Emergency Alert System message on the air at ABC 10 – CW 5 Monday evening and at least three other TV stations, including WNMU-TV 13 at Northern Michigan University, has been found.

It has been determined that a ‘back door’ attack allowed the hacker to access the security of the EAS equipment.

ABC 10 – CW 5 will continue to work with federal and state agencies, including law enforcement and security experts, on the investigation of this incident.

——————–

The Monday night rogue attack of the Emergency Alert System on ABC 10 and its’ sister station CW 5, is being investigated by station personnel and many other agencies.

An emergency alert at approximately 8:36 p.m. Monday interrupted programming on both TV stations with a message scrolling across the bottom of the screen, proclaiming  ”dead bodies are rising from their graves.”  The alert claimed the bodies were “attacking the living.”

The ABC 10 and CW 5  Operations staff immediately disconnected the two stations from the EAS system to prevent any further attacks and/or additional erroneous messages.  Station management posted a ‘correction-clarification’ message on the screen, and on this website, to explain the cyber attack.

Other TV stations, including Northern Michigan University’s WNMU-TV 13 and Great Falls, Montana station KRTV, also had a similar “zombie” message posted by the hackers.

ABC 10/CW 5, owned and operated by Lake Superior Community Broadcasting, is working with the Federal Communications Commission, the Michigan Association of Broadcasters, local and state law enforcement and cyber security experts to investigate the attack.  Additionally, the manufacturer of the EAS equipment has been contacted to evaluate the attack.  The station will also coordinate efforts with WNMU-TV13.

Providing Emergency Alert information is a vital duty of a broadcaster.  The nature of the message Monday night was not necessarily dangerous, but the fact that the system was vulnerable to outside intrusion IS a danger.

The EAS is a national public warning system that requires broadcasters, cable television systems, wireless cable systems, satellite digital audio radio service providers, and direct broadcast satellite providers to provide the communications capability to the President to address the American public during a national emergency. The system also may be used by state and local authorities to deliver important emergency information, such as AMBER alerts and weather information targeted to specific areas.

The Federal Communications Commission, in conjunction with Federal Emergency Management Agency (FEMA) and the National Oceanic and Atmospheric Administration’s National Weather Service (NWS), implements the EAS at the federal level. The President has sole responsibility for determining when the EAS will be activated at the national level, and has delegated this authority to the director of FEMA. FEMA is responsible for implementation of the national-level activation of the EAS, tests, and exercises. The NWS develops emergency weather information to alert the public about imminent dangerous weather conditions.

The apparent cyber attack, despite the odd “zombie” content of the bogus message, is being taken very seriously by the staff, management and owner of Lake Superior Community Broadcasting.   Every effort will be made to work with other agencies to determine the hacker’s access to the EAS equipment and to prevent any further intrusions.