Attacks/Breaches
2/12/2013
08:52 AM
Connect Directly
RSS
E-Mail
50%
50%

Zombie Alert Hoax: Emergency Broadcast System Hacked

Bodies of the dead are rising from their graves, warns CBS affiliate. News at 10.

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
Emergency alert: zombies are rising up in Montana.

"Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages onscreen that will be updated as information become available. Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous."

That Emergency Alert System (EAS) voiceover warning, preceded by the standard, staccato EAS attention signal, ran Monday afternoon on CBS affiliate television station KRTV in Great Falls, Mont. The EAS warning interrupted a broadcast of "The Steve Wilkos Show" devoted to teen cheaters.

Signs of an apparent zombie apocalypse to the contrary, KRTV later that day released a statement confirming that a bogus message had been transmitted via its EAS equipment. "Someone apparently hacked into the Emergency Alert System and announced on KRTV and the CW that there was an emergency in several Montana counties," according to the statement. "This message did not originate from KRTV, and there is no emergency. Our engineers are investigating to determine what happened and if it affected other media outlets."

Local police likewise said there was no emergency. "We can report in the city, there have been no sightings of dead bodies rising from the ground," Lt. Shane Sorensen of the Great Falls Police Department told the Great Falls Tribune -- admittedly, with a laugh.

[ Do zombies know how to use computers? Read Uncertain State Of Cyber War. ]

"We had four calls checking to see if it was true. And then I thought, Wait. What if?" Sorenson said. But he noted that KRTV hadn't contacted the police department to report the incident or request an investigation, and said it's unclear what penalties someone might face for hacking a television station's EAS.

The zombie story was spotted by journalism watcher Jim Romenesko, and no doubt zombies rank high in the cultural zeitgeist, as the Emmy Award winning The Walking Dead mid-season premiere Sunday night set a series and basic cable record by drawing 12.3 million viewers.

Accordingly, might the prank may have been a promo for either The Walking Dead, or horror-romcom Warm Bodies? That was the suggestion made by The Register, which noted that the EAS hack clearly tops the 2012 hack of highway signs in Portland, Maine, to read: "Warning Zombies Ahead!"

At the time, a Portland city spokeswoman told Portland Press Herald that whoever broadcast the zombie warning could face misdemeanor charges of "tampering with a safety device," which includes penalties of up to a year in jail and a $1,000 fine.

But tampering with signs to display zombie warnings was already a meme. Indeed, the first zombie-related highway sign tampering incident appears to have been in Austin, Texas, in 2009, reported Portland Press Herald. Similar warnings later appeared on highway signs in Washington, Illinois and New York.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
anon3846919518
50%
50%
anon3846919518,
User Rank: Apprentice
7/8/2013 | 4:26:20 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Wasn't one of those mobile roadside alert signs hacked with "Zombies Ahead" a few years ago, or was that just a good photoshop job? Either way, this whole zombie apocalypse thing is just annoying. I think you can actually sign up for zombie alerts here. http://www.alertbroadcast.com, but I don't know if you'll actually need them...BECAUSE ZOMBIES DON'T EXIST!
PJS880
50%
50%
PJS880,
User Rank: Ninja
2/19/2013 | 7:06:53 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I had to chuckle when I read this, a public service announcement about zombies and people bought it. I also find it amusing that if convicted their perpetrators only misdemeanor charges along with a measly $1000 fine. I thought that if the organizations do not change the default settings on these devices then they could be easily hacked. This has been going on for years and apparently it is still going on today.

Paul Sprague
InformationWeek Contributor
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
2/13/2013 | 5:31:17 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Oh, wake up, people. They only want you to think it was a hoax.

Jim Donahue
Copy Chief
InformationWeek
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
2/13/2013 | 5:16:26 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I guess that FEMA hasn't worked out the bugs, even since the November 2011 calamity. Although, given the show content, I'd have to wonder if people were actually expecting a warning about zombies or if they would have preferred being switched over to a shopping network or a music video channel showing a Lady GaGa video.

Going to make for some interesting questions at the next IPAWS meeting, that's for sure. :)

Andrew Hornback
InformationWeek Contributor
jc
50%
50%
jc,
User Rank: Apprentice
2/12/2013 | 8:35:23 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I have also seen a "Caution Zombies Ahead" sign in San Francisco recently, and according to the CDC, it's only a matter of time: http://www.cdc.gov/phpr/zombie...
Deirdre Blake
50%
50%
Deirdre Blake,
User Rank: Apprentice
2/12/2013 | 7:28:55 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Now that's just funny!
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2010-5110
Published: 2014-08-29
DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF file.

CVE-2012-1503
Published: 2014-08-29
Cross-site scripting (XSS) vulnerability in Six Apart (formerly Six Apart KK) Movable Type (MT) Pro 5.13 allows remote attackers to inject arbitrary web script or HTML via the comment section.

CVE-2013-5467
Published: 2014-08-29
Monitoring Agent for UNIX Logs 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP09, and 6.2.3 through FP04 and Monitoring Server (ms) and Shared Libraries (ax) 6.2.0 through FP03, 6.2.1 through FP04, 6.2.2 through FP08, 6.2.3 through FP01, and 6.3.0 through FP01 in IBM Tivoli Monitoring (ITM)...

CVE-2014-0600
Published: 2014-08-29
FileUploadServlet in the Administration service in Novell GroupWise 2014 before SP1 allows remote attackers to read or write to arbitrary files via the poLibMaintenanceFileSave parameter, aka ZDI-CAN-2287.

CVE-2014-0888
Published: 2014-08-29
IBM Worklight Foundation 5.x and 6.x before 6.2.0.0, as used in Worklight and Mobile Foundation, allows remote authenticated users to bypass the application-authenticity feature via unspecified vectors.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.