... edited by Barry Mishkind - the Eclectic Engineer
Why Are So Many Stations Being "Hacked?"-
In the past months radio stations across the country have found their STL audio being taken over by unknown persons, with the audio stream redirected to a loop of a obscene song - in case apparently for a entire week!
This is not the first time this has happened. Several years back, stations in Texas and elsewhere were taken over and listeners were confronted with a crude hip hop format from another country. Then the was the famous Zombie EAS Alert. And since the Inauguration of President Trump, a whole series of these incidents have occurred.
What is behind it and why does it continue?
It has become quite common to read about "hacking:" This bank or that company has been "hacked" and so many hundreds of thousands of accounts and the information were compromised.
However, to start our discussion of what is happening in broadcast, it is necessary to understand that stations were not technically "hacked." Hacking usually means using programming holes and bugs to attack a site or computer. In virtually every case of a station's audio being taken over, the approach was simply a bad actor who discovered the feed either had no password or still had the factory defaults in place.
To their credit, Barix - the most frequent target - has issued public statements telling users to change the passwords and use a firewall.
So why does this still happen?
DEFAULT CONDITIONS AND SIMPLE SECURITY
Usernames and passwords have been a hassle ever since computers reached into almost every part of society. From a number set of computers in the late 1970s, we now have access to systems that will run anything from the coffee pot to a broadcast station to, in celebrated cases, nuclear centrifuges.
And most people use no password, "password," or "123456" ... the statistics on this are stunning. You cannot legislate common sense, but at some point the FCC will fine someone for the verbal garbage broadcast. That might get the attention of those who do not really pay attention (most are small stations with no resident IT professional).
But there is more.
A large number of people do not really understand what a firewall is - nor the need to protect their audio chain properly.
Them, too, we can talk about potential liability. The FCC is not going to look favorably on a station that has been reported to have broadcast obscene material in lengthy blocks. We do not know as yet, but the Enforcement Bureau may well be gearing up to "say" something.
Liability aside ... How can you make sure you will not be next?
Have you ever heard of Shodan.io? This is a web site where hackers/crackers/black hats/white hats go, and by entering device names, etc, and it searches the information for gear that "announces" itself to anyone knocking on the door. Last year, one engineer did a search on Barix and found hundreds of boxes ready to announce themselves.
It is a small trick for the script kiddles to then attack the IP addresses and, if the password has not been changed, take over.
In the past couple of weeks, stations that were redirected to obscene audio include KQES-LP, Seattle, WFBS, Salem, SC, as well as stations in Nashville, Tennessee; Louisville, Kentucky; Evansville, Indiana; and San Angelo, Texas
The prudent move is to endure your link is safe. This may require more than Windows Firewall or a simple router. Watch this space for some ideas.