The city of Marquette, Michigan had two separate TV stations warn viewers of a zombie apocalypse via the emergency alert systems including an announcement that “dead bodies are rising from their graves.” Hackers accessed the ESA of both PBS-affiliate WNMU Channel 13 and ABC-affiliate WBUP-TV Channel 10 sending out scrolling text as well as an audio warning about a zombie invasion.
The hacking prank also appears to have spread to Montana, as a TV station there also broadcast a warning about brain-eaters.
“Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living,” read the alert that ran at CBS affiliate KRTV in Great Falls, Montana. Follow the messages on screen that will be updated as information becomes available. Do not attempt to approach or apprehend these bodies, as they are considered extremely dangerous.”
According to a news report at The Detroit News, both incidents appear to be the act of a single hacker bent on mischief and authorities are already investigating the event,
“Someone was able to get into the system and they sent out an alert about zombies,” Smith said. “It was basically talking about the dead rising to attack the living. As soon as we realized, we took it off line.”
WBUP saw the same type of audio alert at about 8:37 p.m. Monday, according to station manager Cynthia Thompson.
“It has been determined that a ‘back door’ attack allowed the hacker to access the security of the EAS equipment,” Thompson said in a statement on the station’s website. “ABC 10-CW 5 will continue to work with federal and state agencies, including law enforcement and security experts, on the investigation of this incident.”
The details of how the attack worked are sketchy and only come by way of the statement by WBUP station manager Thompson. It would appear that the EAS equipment for the stations both contained “back doors” perhaps for remote networking.
Statements by TV staff suggest that the hackers were not local to Marquette but that they had in fact been tracked. However, the FBI and other federal authorities will comment on their involvement so far.
This is not the first time hackers and mischiefmakers have used emergency broadcast systems to send warnings about zombie uprisings, which include not just TV systems, but also roadside hazard signs (which didn’t involve hacking but instead unsecured control panels.)
EAS participants should reset passwords and place equipment behind firewalls, FCC says
As after the EAS prank last year, this incident has caused the FCC to issue a warning to all participants in the Common Alerting Protocol system to use strong passwords and place their equipment behind firewalls.
Last year, the FCC started requiring EAS equipment holders (TV stations) to connect their systems to the Internet so that they could be coordinated. However, without specific guidelines for how they should secure that equipment it seems that many of them are exposed to the Internet and therefore easy access by hackers (the pranksters in this case.)
The most recent prank and the release of zombie warnings has led the FCC to once again urge those participating in the CAP system to reset their passwords and firewall their equipment.