Member Login


Forgot Password?
Need Login?

You are here: Home > News & Events > News > Change those…
Welcome, guest: Login to your account

Change those manufacturer-issued equipment passwords – as in NOW!

posted on 2.20.2013

The FCC is advising broadcast stations and other EAS Participants to take immediate steps to prevent unauthorized uses of the Emergency Alert System like the fake zombie attack alerts that went out over a few stations in Michigan and Montana last week.

Scott Flick, an attorney with TAB’s FCC legal counsel, Pillsbury Winthrop Shaw Pittman, said the haste with which the instructions were generated (demonstrated by the fact that they are neither on FCC letterhead nor formatted for such a release), show the FCC’s urgency in the matter.

Flick said it’s also worth noting that the instructions are not described as "recommendations" or "guidelines", but as actions EAS Participants "must" or "are required" to take.

A copy of the FCC release can be found here, but the advisory notes that all EAS Participants are required to take immediate action to secure their CAP EAS equipment, including resetting passwords, and ensuring CAP EAS equipment is secured behind properly configured firewalls and other defensive measures.

The release goes on to say stations should take the following actions immediately:

1.  EAS Participants must change all passwords on their CAP EAS equipment from default factory settings, including administrator and user accounts.

2.  EAS Participants are also urged to ensure that their firewalls and other solutions are properly configured and up-to-date.

3.  EAS Participants are further advised to examine their CAP EAS equipment to ensure that no unauthorized alerts or messages have been set (queued) for future transmission.

4.  If you are unable to reset the default passwords on your equipment, you may consider disconnecting your device's Ethernet connection until those settings have been updated.

5.  EAS Participants that have questions about securing their equipment should consult their equipment manufacturer.

Flick told TAB that federal and state authorities are investigating the source of those hoax alerts which appear to have come from outside the U.S.

Several news stories were generated by the hoax and, unfortunately, some of those created a potential second FCC EAS problem.

FCC regulation prohibits the use of EAS tones for anything other than a test or real emergency.

They may not be used by stations for any other reason, including bona fide news coverage of an EAS related event or even advertising.

Stations using the tones in news coverage or in advertisements could be fined as they are likely to trigger EAS units monitoring a station’s on-air signal.

That was nearly the case in Texas.

TAB received reports from station staff that their EAS units were notified of an EAS alert because of the tones in a news story aired by another EAS source the station was monitoring.

The only thing saving the FCC violation for Texas stations was the fact that the original EAS hoax message had timed out.

TAB urges stations to be careful with EAS tones -- failure to do so could be costly.

The recent EAS hoax serves as a cautionary tale for station staff to review what other kinds of station equipment, not just the EAS endec, has a manufacturer issued password that has not been changed.

Questions?  Contact TAB's Michael Schneider or call 512-322-9944.

« Back to News Archive
« Back to Latest News