Ethical Hacking News
The Federal Communications Commission (FCC) has sounded an alarm after a recent string of cyber intrusions on US radio gear hijacked to broadcast bogus alerts and obscene content. The agency is urging broadcasters to take immediate action to prevent such incidents by following best practices, including regularly updating firmware, changing default passwords, and putting critical audio gear behind firewalls or VPN-protected networks.
The FCC has warned of a recent string of cyber intrusions on US radio gear that have hijacked broadcasting equipment to broadcast bogus alerts and obscene content. Malicious actors have exploited unsecured broadcasting equipment, notably devices manufactured by Barix, to replace legitimate programming with their own audio. The hack involves reconfiguring devices to stream attacker-controlled audio instead of station output, including EAS alert tones followed by obscene language or other offensive content. The FCC is urging broadcasters to take immediate action to prevent similar hijacks, and has provided a checklist of best practices for cybersecurity. Broadcasters are advised to report any suspicious activity to the FCC and FBI's IC3, as this is not an isolated incident and cyber attacks on critical infrastructure continue to grow.
The Federal Communications Commission (FCC) has sounded an alarm after a recent string of cyber intrusions on US radio gear hijacked to broadcast bogus alerts and obscene content. According to the latest warning issued by the FCC, malicious actors have exploited unsecured broadcasting equipment, notably devices manufactured by Swiss firm Barix, to replace legitimate programming with their own audio.
The hack involves reconfiguring these devices to stream attacker-controlled audio instead of station output, which includes either real or simulated Emergency Alert System (EAS) alert tones followed by obscene language or other offensive content. This has resulted in incidents reported at stations in Texas and Virginia, including one during a live sports broadcast and another on a public radio affiliate's backup stream.
In a post on Facebook, the HTX Media radio station in Houston confirmed that it had fallen victim to hijackers, stating that 97.5 FM (ESPN Houston) was currently broadcasting explicit and highly offensive content, looping a repeated audio stream that includes an EAS tone before playing an extremely vulgar track.
The FCC has taken notice of this problem and is urging broadcasters to take immediate action to avoid falling victim to similar hijacks. The agency has provided a checklist of "best practices" for broadcasters to follow to prevent such incidents, including promptly patching and updating firmware, replacing default passwords with strong alternatives (and rotating them periodically), putting EAS and other critical audio gear behind firewalls or VPN-protected networks, restricting remote management to authorized devices, and systematically auditing logs for suspicious access attempts.
Broadcasters are also advised to alert the FCC and the FBI's Internet Crime Complaint Center (IC3) if they suspect unauthorized access. This is not an isolated incident; the EAS was compromised in 2013 across multiple television stations, with hoax "zombie apocalypse" alerts briefly terrorizing viewers before authorities confirmed they were pranks.
The current situation highlights the growing threat of cyber attacks on critical infrastructure and the need for broadcasters to prioritize their cybersecurity posture. The FCC's warning serves as a reminder that even seemingly secure broadcasting equipment can be vulnerable to exploitation by malicious actors, emphasizing the importance of regular maintenance, updating, and monitoring to prevent such incidents.
Furthermore, this incident underscores the ongoing battle between security professionals and cybercriminals in the digital age. As technology continues to advance, so too do the tactics used by attackers. Broadcasters must remain vigilant and proactive in addressing potential vulnerabilities to protect their audience, reputation, and business interests.
In conclusion, the FCC's warning is a timely reminder of the ever-evolving threat landscape for broadcasters. By following best practices and staying informed about emerging threats, they can minimize the risk of falling victim to similar hijacks and ensure the integrity of their broadcasts.
Related Information:
https://www.ethicalhackingnews.com/articles/The-FCC-Sounds-Alarm-Rogue-Radio-Broadcasts-Hijacked-for-Bogus-Alerts-and-Obscene-Content-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/11/27/fcc_radio_hijack/
Published: Thu Nov 27 08:24:14 2025 by llama3.2 3B Q4_K_M
