2013 Emergency Alert System Hijackings

Last updated
2013 Emergency Alert System Hijackings
DateFebruary 11, 2013;11 years ago (2013-02-11)
Venue KRTV
WKBT-DT
WBUP
WNMU
KENW
Location United States
Type Broadcast signal intrusion
CauseEAS equipment security vulnerabilities.
PerpetratorHacker

On February 11, 2013, the Emergency Alert System of five different television stations across the U.S. states of Montana, Michigan, Wisconsin, and New Mexico were hijacked, interrupting each television broadcast with a Local area emergency message warning viewers of a zombie apocalypse. The message was subsequently declared as a hoax by local authorities and was reported to be a result of hackers gaining access to the Emergency Alert System equipment of various television stations. [1] [2] [3] [4] [5]

Contents

The first incident took place in Great Falls, Montana, during an afternoon airing of The Steve Wilkos Show on CBS affiliate television station KRTV. The television signal was abruptly interrupted by an audible Local area emergency alert reading "Local authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living". Later the same day the stations of CBS affiliate WKBT-DT, ABC affiliate WBUP, and PBS member station WNMU in Marquette, Michigan, and La Crosse, Wisconsin, respectively, had their Emergency Alert System hijacked, transmitting a similar "Zombie Apocalypse" alert during their primetime programming hours. Not long afterwards, the television broadcasts of PBS affiliate KENW in Portales, New Mexico were also interrupted by the false alert. The hijackers were later apprehended by authorities shortly after the incident. [6] [7]

Just two days after the initial hijackings on February 13, 2013, a morning show on WIZM-FM in La Crosse aired an audio recording from the hoax alert, which triggered WKBT-DT's Emergency Alert System once more, relaying the message over the television station's broadcast signals. On February 28, 2017, radio station WZZY in Winchester, Indiana, had their emergency alert equipment hijacked in an almost identical manner using the same "zombie apocalypse" hoax audio message as the one used in the incidents in 2013. [8] [9] [10]

CBS, ABC, and PBS hardware engineers who investigated the initial incidents reported that the hijackers likely gained access to the Emergency Alert Systems through a variety of weaknesses in the various station's emergency alert equipment, including a vulnerability in the machine's authentication bypass security and the usage of default passwords that were listed on online user manuals. [11] [1]

Hijackings

All five emergency alert hijackings took place on February 11, 2013, in Great Falls, Montana, Marquette, Michigan, La Crosse, Wisconsin, and Portales, New Mexico. The hijackings primarily compromised the television stations of KRTV, WKBT-DT, WBUP, WNMU, and KENW; however, the incident also led to stations ABC10 and its sister station CW 5 to disconnect their networks from the EAS system to prevent further intrusions. WKBT-DT was also struck again with the same hoax alert only two days after the initial incidents after a morning show on WIZM-FM triggered WKBT's Emergency Alert System. In February 2017, television station WZZY in Randolph County, Indiana, was also hijacked with an identical "zombie apocalypse" EAS alert as the ones in 2013. [1] [6] [7] [12] [13]

KRTV

On the afternoon of February 11, 2013, at approximately 2:30 to 2:33 pm MST, an airing of The Steve Wilkos Show on KRTV's channels 1 and 2 was suddenly interrupted by a false Local area emergency alert transmitted by KRTV's Emergency Alert System after the system was hijacked via access to the television stations emergency alert equipment. Following the signal interruption, viewers were met with an audible message that read: [14] [15] [16] [17]

"Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages on-screen that will be updated as information becomes available. Do not attempt to approach or apprehend these bodies, as they are considered extremely dangerous. I repeat: civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages on-screen that will be updated as information becomes available. Do not attempt to approach or apprehend these bodies, as they are considered extremely dangerous. This warning applies to all areas receiving this broadcast. Tune into 920 AM to get updated information in the event that you are separated from your television or that the electrical service is interrupted."

The Emergency Area Alert warned viewers of "bodies from the dead" in the areas surrounding Powell, Broadwater, Jefferson, and Lewis & Clark counties. Not long after the broadcast was transmitted, local authorities declared the alert as a hoax. [18] The audio was later discovered to have been taken directly from a 2008 YouTube video titled "Zombie Emergency Alert System Warning (EAS)". The first sentence of the audio was also used in an Anthrax song, Fight 'Em 'Til You Can't. [19]

WKBT-DT, WBUP, WNMU

The second hijacking took place in Marquette, Michigan, and La Crosse, Wisconsin, when the Emergency Alert System for the television stations of WKBT-DT in La Crosse, and WBUP and WNMU in Maquette at approximately 3:55 pm MST, were hacked, interrupting the television broadcasts with the same "zombie apocalypse" alert as before. The signal interruption occurred during WNMU's and WBUP's primetime afternoon broadcasting of Barney & Friends and The Bachelor . [5] [20] [21]

KENW

The final hijacking took place in Portales, New Mexico, at 8:35 pm EDT, when television station KENW's Emergency Alert System was also hijacked, interrupting its television broadcasts with the same false emergency alert as the previous two incidents. The hackers were reportedly found by authorities shortly after the hijacking; however, further information on the perpetrators of the hijackings was never released. [22]

Similar incidents

A similar incident involving the "zombie apocalypse" EAS hijacking took place during a morning talk show broadcast by WIZM-FM in La Crosse, when the hosts of the show, who were reacting with laughter to the hoax, played the audio recording from the alert. However, producers of the show failed to edit out the Specific Area Message Encoding (SAME) tones used in the alert, which led to the triggering WKBT-DT's Emergency Alert System. As a result, WKBT-DT's emergency alert equipment relayed the message from the hoax over the stations regular programming.

The FCC has since strongly prohibited the usage of actual or simulated EAS/WEA and SAME tones outside of genuine emergency alerts to protect the integrity of the system and to prevent signal relay incidents like the one in 2013. Any broadcasters that use the tones outside of a real emergency may be heavily fined or sanctioned.

On February 28, 2017, radio station WZZY, 98.3, in Randolph County, Indiana aired the same "bodies rising from the dead" false alert message from 2013 after their SAGE ENDEC EAS equipment was hijacked. The incident prompted the Randolph County Sheriff's Department to make a public announcement clarifying that WZZY's emergency alert equipment had been hacked and that no emergency was present.

Methods

There are numerous methods hackers will use to hijack the Emergency Alert System; however, the likely method used by the hijackers of the "zombie apocalypse" hoax, as reported by authorities and the television station engineers, was that the hackers were able to gain access to the emergency alert equipment via default system passwords that were listed in public user manuals. This would have came as a result of television station broadcasters neglecting to change the factory default logins and passwords on their equipment. [11] [23] [24]

Government response

A failure to prevent access into emergency alert equipment by broadcasters has been the subject to most of cybersecurity breaches of the Emergency Alert System. As a result, the federal government has made numerous statements to television broadcasters that a neglection to investigate unpatched software vulnerabilities and failure to implement secure passwords for EAS machines will lead to a massive failure in equipment security and a major cybersecurity breach such as the one in 2013.

The Federal Emergency Management Agency (FEMA) has also stated to television broadcasters of certain vulnerabilities in EAS encoders/decoders that, if not updated, could allow outside sources to gain access to various television station's EAS equipment and broadcast emergency messages over regular programming. [11] [25]

Aftermath and investigation

Following the hijacking incidents, both the FCC and the FEMA urged the broadcasters involved in the incidents to reset their passwords and recheck security measures. Trade groups, including the Michigan Association of Broadcasters, also requested that its partnered television stations, including WBUP and WNMU in Michigan, to update any unpatched security vulnerabilities of their emergency alert devices.

Investigations into the hijackings occurred via both local and federal authorities, with possible investigations partaken by the Federal Bureau of Investigation (FBI) and the Federal Communications Commission (FCC), who initially detected that the hijackings came from an overseas source. The hackers involved in hijackings were reportedly caught and arrested; however, any further information on the perpetrators' identities or charge remain unknown.

Shortly after the hijackings occurred, the Great Falls Police Department announced to the Great Falls Tribune that the alert was a hoax and there was no danger in the areas surrounding Great Falls. Similarly, almost immediately after the false emergency message aired, KRTV announced on air: "This message did not originate from KRTV, and there is no emergency". [26]

Following the hijacking incident in February 2017, the Randolph County Sheriff's Department made a public statement announcing that the emergency alert was a false alarm and a hoax, after its local radio station, WZZY, was hacked with the same false emergency message.

See also

Related Research Articles

<span class="mw-page-title-main">Emergency Broadcast System</span> Former United States emergency warning system

The Emergency Broadcast System (EBS), sometimes called the Emergency Action Notification System (EANS), was an emergency warning system used in the United States. It was the most commonly used, along with the Emergency Override system. It replaced the previous CONELRAD system and was used from 1963 to 1997, at which point it was replaced by the Emergency Alert System.

<span class="mw-page-title-main">CONELRAD</span> Former method of emergency broadcasting in the United States

CONELRAD was a method of emergency broadcasting to the public of the United States in the event of enemy attack during the Cold War. It was intended to allow continuous broadcast of civil defense information to the public using radio stations, while rapidly switching the transmitter stations to make the broadcasts unsuitable for Soviet bombers that might attempt to home in on the signals.

<span class="mw-page-title-main">Emergency Alert System</span> Method of emergency broadcasting in the United States

The Emergency Alert System (EAS) is a national warning system in the United States designed to allow authorized officials to broadcast emergency alerts and warning messages to the public via cable, satellite and broadcast television and both AM, FM and satellite radio. Informally, Emergency Alert System is sometimes conflated with its mobile phone counterpart Wireless Emergency Alerts (WEA), a different but related system. However, both the EAS and WEA, among other systems, are coordinated under the Integrated Public Alert and Warning System (IPAWS). The EAS, and more broadly IPAWS, allows federal, state, and local authorities to efficiently broadcast emergency alert and warning messages across multiple channels. The EAS became operational on January 1, 1997, after being approved by the Federal Communications Commission (FCC) in November 1994, replacing the Emergency Broadcast System (EBS), and largely supplanted Local Access Alert systems, though Local Access Alert systems are still used from time to time. Its main improvement over the EBS, and perhaps its most distinctive feature, is its application of a digitally encoded audio signal known as Specific Area Message Encoding (SAME), which is responsible for the characteristic "screeching" or "chirping" sounds at the start and end of each message. The first signal is the "header" which encodes, among other information, the alert type and locations, or the specific area that should receive the message. The last short burst marks the end-of-message. These signals are read by specialized encoder-decoder equipment. This design allows for automated station-to-station relay of alerts to only the area the alert was intended for.

Specific Area Message Encoding (SAME) is a protocol used for framing and classification of broadcasting emergency warning messages. It was developed by the United States National Weather Service for use on its NOAA Weather Radio (NWR) network, and was later adopted by the Federal Communications Commission for the Emergency Alert System, then subsequently by Environment Canada for use on its Weatheradio Canada service. It is also used to set off receivers in Mexico City and surrounding areas as part of the Mexican Seismic Alert System (SASMEX).

<span class="mw-page-title-main">NOAA Weather Radio</span> 24-hour network of VHF FM weather radio stations in the United States

NOAA Weather Radio (NWR), also known as NOAA Weather Radio All Hazards, is an automated 24-hour network of VHF FM weather radio stations in the United States that broadcast weather information directly from a nearby National Weather Service office. The routine programming cycle includes local or regional weather forecasts, synopsis, climate summaries or zone/lake/coastal waters forecasts. During severe conditions the cycle is shortened into: hazardous weather outlooks, short-term forecasts, special weather statements or tropical weather summaries. It occasionally broadcasts other non-weather related events such as national security statements, natural disaster information, environmental and public safety statements, civil emergencies, fires, evacuation orders, and other hazards sourced from the Federal Communications Commission's (FCC) Emergency Alert System. NOAA Weather Radio uses automated broadcast technology that allows for the recycling of segments featured in one broadcast cycle into another and more regular updating of segments to each of the transmitters. It also speeds up the warning transmitting process.

<span class="mw-page-title-main">Emergency population warning</span> Warning issued by authorities to the public en masse

An emergency population warning is a method where by local, regional, or national authorities can contact members of the public to warn them of an impending emergency. These warnings may be necessary for a number of reasons, including:

<span class="mw-page-title-main">WKBT-DT</span> CBS/MyNetworkTV affiliate in La Crosse, Wisconsin

WKBT-DT is a television station licensed to La Crosse, Wisconsin, United States, serving the La Crosse–Eau Claire market as an affiliate of CBS and MyNetworkTV. Owned by Morgan Murphy Media, the station maintains studios on South 6th Street in downtown La Crosse, and its transmitter is located on Silver Creek Road in Galesville, Wisconsin.

<span class="mw-page-title-main">KWVE-FM</span> Christian radio station in San Clemente, California, United States

KWVE-FM is a commercial radio station licensed to San Clemente, California, and broadcasting to Orange County, the Inland Empire and Northern San Diego County. It airs a Christian talk and teaching radio format, known as "K-Wave". The station is owned by Calvary Chapel Costa Mesa, with its studios in the church-owned Logos Building on West MacArthur Boulevard in Santa Ana.

<span class="mw-page-title-main">WBUP</span> ABC affiliate in Ishpeming, Michigan

WBUP is a television station licensed to Ishpeming, Michigan, United States, serving as the ABC affiliate for the Central and Western Upper Peninsula of Michigan. It is owned by Morgan Murphy Media alongside Calumet-licensed CW+ affiliate WBKP. The two stations share studios on Ash Street in Ishpeming Township; WBUP's transmitter is located south of Ely Township in unincorporated Marquette County.

<span class="mw-page-title-main">Weather radio</span> Specialized radio receiver for weather forecasts

A weather radio is a specialized radio receiver that is designed to receive a public broadcast service, typically from government-owned radio stations, dedicated to broadcasting weather forecasts and reports on a continual basis, with the routine weather reports being interrupted by emergency weather reports whenever needed. Weather radios are typically equipped with a standby alerting function—if the radio is muted or tuned to another band and a severe weather bulletin is transmitted, it can automatically sound an alarm and/or switch to a pre-tuned weather channel for emergency weather information. Weather radio services may also occasionally broadcast non-weather-related emergency information, such as in the event of a natural disaster, a child abduction alert, or a terrorist attack.

KRTV is a television station in Great Falls, Montana, United States, affiliated with CBS. It is owned by the E. W. Scripps Company alongside KTGF-LD, the local NBC affiliate, and is part of the Montana Television Network (MTN), a statewide network of CBS-affiliated stations. KRTV's studios and transmitter are located on Old Havre Highway in Black Eagle, just outside Great Falls.

A broadcast signal intrusion is the hijacking of broadcast signals of radio, television stations, cable television broadcast feeds or satellite signals without permission or licence. Hijacking incidents have involved local TV and radio stations as well as cable and national networks.

<span class="mw-page-title-main">WZZY</span> Radio station in Winchester, Indiana

WZZY is a local radio station in Winchester, Indiana. The station is located on 98.3 on the FM dial and broadcasts at an effective radiated power of 3,000 watts. Studios and offices are located at the Whitewater Broadcasting complex on West Main Street in Richmond, Indiana. The tower is located in rural Randolph County off US 27, north of Lynn, Indiana and WZZY still conducts a lot of business out of an office in downtown Winchester.

<span class="mw-page-title-main">WIZM-FM</span> Radio station in La Crosse, Wisconsin

WIZM-FM is a radio station broadcasting a Top 40/CHR format. Licensed to La Crosse, Wisconsin, United States, the station serves the La Crosse area. The station is currently owned by Mid-West Family Broadcasting.

<span class="mw-page-title-main">Wireless Emergency Alerts</span> Mobile device emergency announcement system in the United States

Wireless Emergency Alerts, is an alerting network in the United States designed to disseminate emergency alerts to mobile devices such as cell phones and pagers. Organizations are able to disseminate and coordinate emergency alerts and warning messages through WEA and other public systems by means of the Integrated Public Alert and Warning System.

<span class="mw-page-title-main">National Emergency Message</span> National activation of the Emergency Alert System

A National Emergency Message, formerly known until 2022 as an Emergency Action Notification, is the national activation of the Emergency Alert System (EAS) used to alert the residents of the United States of a national or global emergency such as a nuclear war or any other mass casualty situation. This alert can only be activated by the president of the United States or a designated representative thereof, such as the vice president. The Emergency Broadcast System (EBS) also carried the Emergency Action Notification. No president has ever activated the alert aside from the 2011 national EAS test.

<span class="mw-page-title-main">Alberta Emergency Alert</span> System used in Alberta, Canada

Alberta Emergency Alert (AEA) is a public warning system in Alberta that warns the public on impending or occurring emergencies affecting an area. The system was implemented in October 2011, replacing the former Alberta Emergency Public Warning System. Alerts are disseminated through various media outlets including television and radio, internet, social media mobile apps, and cell broadcast.

<span class="mw-page-title-main">Emergency override system</span>

The Local Access Alert is a warning system designed to warn radio, television stations, cable television broadcast feeds or satellite signals of impending dangers, such as tornadoes, flash flooding and other civil emergencies. The system was largely replaced by the Emergency Alert System "[1]". in the United States, although it still exists in some areas which have not yet been upgraded, and is still used from time to time in areas that have upgraded to the EAS.

On February 1, 2005, the Emergency Alert System was activated in portions of Connecticut calling for the immediate evacuation of the entire state. The activation was in error. Later studies showed that residents did not evacuate, and that the most common response was to 'change the channel' or seek other confirmation.

<span class="mw-page-title-main">2018 Hawaii false missile alert</span> False alarm sent over all communications media in Hawaii, United States

On the morning of January 13, 2018, an alert was accidentally issued via the Emergency Alert System and Wireless Emergency Alert System over television, radio, and cellular networks in the U.S. state of Hawaii, instructing citizens to seek shelter due to an incoming ballistic missile. It concluded with "This is not a drill". The message was sent at 8:08 a.m. local time. The state had not authorized civil defense outdoor warning sirens.

References

  1. 1 2 3 Goodin, Dan (2013-02-14). "Bogus zombie apocalypse warnings undermine US emergency alert system". Ars Technica. Archived from the original on 2023-10-29. Retrieved 2023-10-29.
  2. Schwartz, Mathew J. (2013-02-12). "Zombie Alert Hoax: Emergency Broadcast System Hacked". Dark Reading. Archived from the original on 2021-08-02. Retrieved 2023-10-29.
  3. Anders, Melissa (2013-02-13). "Zombie apocalypse now? Michigan TV stations' Emergency Alert Systems hacked with notice of walking dead". mlive. Archived from the original on 2023-10-29. Retrieved 2023-10-29.
  4. "Hackers hijack Montana TV station, broadcast zombie apocalypse warning". Wired UK. ISSN   1357-0978. Archived from the original on 2023-10-29. Retrieved 2023-10-29.
  5. 1 2 "Zombie apocalypse newsflash interrupts US TV schedule". The Guardian. Associated Press. 2013-02-12. ISSN   0261-3077. Archived from the original on 2023-10-29. Retrieved 2023-10-29.
  6. 1 2 Storm, Darlene (2013-02-12). "Hacker broadcasts emergency zombie apocalypse warning on TV station in Montana". Computerworld. Archived from the original on 2023-11-05. Retrieved 2023-10-29.
  7. 1 2 "That Time Someone Hacked an Emergency Broadcast System and Warned of the Zombie Apocalypse". Cheezburger. Archived from the original on 2023-10-29. Retrieved 2023-10-29.
  8. Hubbuch, Chris (2013-02-13). "TV zombie-attack warning a false alarm". La Crosse Tribune. Archived from the original on 2019-08-08. Retrieved 2023-10-31.
  9. "Hacked radio station reports Ind. zombie attack". WCPO 9 Cincinnati. 2017-03-01. Archived from the original on 2023-10-31. Retrieved 2023-10-31.
  10. "Hackers take over Randolph County radio station's alert system, send out messages about fake zombie attack". Fox 59. 2017-03-01. Archived from the original on 2023-10-31. Retrieved 2023-10-31.
  11. 1 2 3 Goodin, Dan (2022-08-05). ""Huge flaw" threatens US emergency alert system, DHS researcher warns". Ars Technica. Archived from the original on 2022-08-06. Retrieved 2023-10-29.
  12. Committee on the Future of Emergency Alert and Warning Systems: Research Directions (April 19, 2018). Emergency Alert and Warning Systems. National Academies Press. pp. 70–72. ISBN   9780309467407. Archived from the original on October 31, 2023. Retrieved October 30, 2023.
  13. Wheeler, Tom; Clyburn, Mignon; Rosenworcel, Jessica; Pai, Ajit V.; O'Rielly, Micheal (2016). FCC Record: a comprehensive compilation of decisions, reports, public notices and other documents of the Federal Communications Commission of the United States. Boulder, Colorado: Federal Communications Commission. p. 638.
  14. Kumar, Mohit (February 13, 2013). "Hacker broadcasts zombie warning on TV". The Hacker News . p. 1. Archived from the original on October 29, 2023. Retrieved October 29, 2023.
  15. Moye, David (February 11, 2013). "KRTV's Emergency Alert System Hacked To Warn Of Fake Zombie Apocalypse". HuffPost . pp. 1–2. Archived from the original on October 29, 2023. Retrieved October 29, 2023.
  16. Booth, Charlotte (March 15, 2021). A History of the Undead: Mummies, Vampires and Zombies. Pen & Sword. pp. 86–90. ISBN   9781526769077.
  17. Goodman, Marc (February 24, 2015). Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It. Knopf Doubleday Publishing Group.
  18. Albanesius, Chloe (February 12, 2013). "Hack of Montana TV Station Warns Viewers of Zombie Attack". PC Magazine . pp. 1–2. Archived from the original on October 29, 2023. Retrieved October 29, 2023.
  19. Zombie Emergency Alert System Warning (EAS) , retrieved 2024-01-07
  20. Hubbuch, Chris (2013-02-13). "TV zombie-attack warning a false alarm". La Crosse Tribune. Archived from the original on 2019-08-08. Retrieved 2023-10-29.
  21. United States. Congress. House. Committee on Homeland Security (November 13, 2018). DHS Cybersecurity: Roles and Responsibilities to Protect the Nation's Critical Infrastructure : Hearing Before the Committee on Homeland Security, House of Representatives, One Hundred Thirteenth Congress, First Session, March 13, 2013. Minnesota: U.S. Government Printing Office. p. 72.
  22. "Archived copy". Archived from the original on 2019-11-28. Retrieved 2023-11-11.{{cite web}}: CS1 maint: archived copy as title (link)
  23. "Zombie hack blamed on easy passwords". Chicago Tribune . Reuters. February 14, 2013. pp. 1–2. Archived from the original on 2019-08-08. Retrieved 2023-10-29.
  24. Lyngaas, Sean (August 3, 2022). "FEMA warns emergency alert systems could be hacked to transmit fake messages unless software is updated". CNN Politics . pp. 1–2. Archived from the original on October 7, 2023. Retrieved October 29, 2023.
  25. Loh-Hagen, Virginia (2015). Ethical Hacker. Cherry Lake Publishing. p. 7. ISBN   9781634700788.
  26. Montagne, Renee (February 12, 2013). "Montana TV Stations Warns of Attacking Zombies". WLRN. p. 1. Archived from the original on October 30, 2023. Retrieved October 30, 2023.
This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.