Hackers have been hijacking US radio transmission equipment to air bogus emergency tones and offensive material, according to a notice issued Wednesday by the US Federal Communications Commission (FCC).
The wave of intrusions triggered unauthorized uses of the Emergency Alert System’s distinctive Attention Signal, which is normally reserved for tornadoes, hurricanes, earthquakes and other urgent threats.
In particular, threat actors appeared to target Barix network audio devices and reconfigure them to capture attacker-controlled streams instead of regular programming.
Several stations in Texas and Virginia were affected, with broadcasts interrupted by simulated alert tones, the Attention Signal and obscene language.
Read more on emergency alert systems: Cyber-Attack Disrupts OnSolve CodeRED Emergency Notification System
The FCC said these incidents were tied to unsecured equipment that allowed unauthorized users to access transmission paths between studios and remote towers. Some stations learned of the compromise only after listeners reported unexpected emergency tones layered with bigoted or otherwise inappropriate content.
Recommended Steps For Broadcasters
In its notice, DA 25-996, the FCC urged stations to strengthen basic safeguards.
It asked broadcasters, particularly those operating Barix hardware, to:
-
Install manufacturer-issued security patches and upgrade firmware
-
Replace default passwords with robust alternatives and rotate them regularly
-
Place EAS and Barix devices behind firewalls and use VPNs restricted to authorized systems
-
Monitor equipment logs to spot unauthorized access
-
Review best practices previously published by the Communications Security, Reliability and Interoperability Council (CSRIC)
Some of these recommendations echo measures raised in 2016 when, at the time, Barix said its devices are secure “when set up correctly and protected with a strong password.”
The FCC encouraged broadcasters to contact equipment manufacturers if they suspect tampering. Stations experiencing unusual activity should alert the FCC Operations Center and file reports with the FBI’s Internet Crime Complaint Center.
While no broader disruptions have been reported, the FCC emphasized that proper configuration and routine maintenance remain essential as attackers continue to probe broadcast infrastructure nationwide.
