Attacks/Breaches
2/12/2013
08:52 AM
50%
50%

Zombie Alert Hoax: Emergency Broadcast System Hacked

Bodies of the dead are rising from their graves, warns CBS affiliate. News at 10.

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
Emergency alert: zombies are rising up in Montana.

"Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages onscreen that will be updated as information become available. Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous."

That Emergency Alert System (EAS) voiceover warning, preceded by the standard, staccato EAS attention signal, ran Monday afternoon on CBS affiliate television station KRTV in Great Falls, Mont. The EAS warning interrupted a broadcast of "The Steve Wilkos Show" devoted to teen cheaters.

Signs of an apparent zombie apocalypse to the contrary, KRTV later that day released a statement confirming that a bogus message had been transmitted via its EAS equipment. "Someone apparently hacked into the Emergency Alert System and announced on KRTV and the CW that there was an emergency in several Montana counties," according to the statement. "This message did not originate from KRTV, and there is no emergency. Our engineers are investigating to determine what happened and if it affected other media outlets."

Local police likewise said there was no emergency. "We can report in the city, there have been no sightings of dead bodies rising from the ground," Lt. Shane Sorensen of the Great Falls Police Department told the Great Falls Tribune -- admittedly, with a laugh.

[ Do zombies know how to use computers? Read Uncertain State Of Cyber War. ]

"We had four calls checking to see if it was true. And then I thought, Wait. What if?" Sorenson said. But he noted that KRTV hadn't contacted the police department to report the incident or request an investigation, and said it's unclear what penalties someone might face for hacking a television station's EAS.

The zombie story was spotted by journalism watcher Jim Romenesko, and no doubt zombies rank high in the cultural zeitgeist, as the Emmy Award winning The Walking Dead mid-season premiere Sunday night set a series and basic cable record by drawing 12.3 million viewers.

Accordingly, might the prank may have been a promo for either The Walking Dead, or horror-romcom Warm Bodies? That was the suggestion made by The Register, which noted that the EAS hack clearly tops the 2012 hack of highway signs in Portland, Maine, to read: "Warning Zombies Ahead!"

At the time, a Portland city spokeswoman told Portland Press Herald that whoever broadcast the zombie warning could face misdemeanor charges of "tampering with a safety device," which includes penalties of up to a year in jail and a $1,000 fine.

But tampering with signs to display zombie warnings was already a meme. Indeed, the first zombie-related highway sign tampering incident appears to have been in Austin, Texas, in 2009, reported Portland Press Herald. Similar warnings later appeared on highway signs in Washington, Illinois and New York.

Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Deirdre Blake
50%
50%
Deirdre Blake,
User Rank: Apprentice
2/12/2013 | 7:28:55 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Now that's just funny!
jc
50%
50%
jc,
User Rank: Apprentice
2/12/2013 | 8:35:23 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I have also seen a "Caution Zombies Ahead" sign in San Francisco recently, and according to the CDC, it's only a matter of time: http://www.cdc.gov/phpr/zombie...
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
2/13/2013 | 5:16:26 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I guess that FEMA hasn't worked out the bugs, even since the November 2011 calamity. Although, given the show content, I'd have to wonder if people were actually expecting a warning about zombies or if they would have preferred being switched over to a shopping network or a music video channel showing a Lady GaGa video.

Going to make for some interesting questions at the next IPAWS meeting, that's for sure. :)

Andrew Hornback
InformationWeek Contributor
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
2/13/2013 | 5:31:17 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Oh, wake up, people. They only want you to think it was a hoax.

Jim Donahue
Copy Chief
InformationWeek
PJS880
50%
50%
PJS880,
User Rank: Ninja
2/19/2013 | 7:06:53 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I had to chuckle when I read this, a public service announcement about zombies and people bought it. I also find it amusing that if convicted their perpetrators only misdemeanor charges along with a measly $1000 fine. I thought that if the organizations do not change the default settings on these devices then they could be easily hacked. This has been going on for years and apparently it is still going on today.

Paul Sprague
InformationWeek Contributor
anon3846919518
50%
50%
anon3846919518,
User Rank: Apprentice
7/8/2013 | 4:26:20 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Wasn't one of those mobile roadside alert signs hacked with "Zombies Ahead" a few years ago, or was that just a good photoshop job? Either way, this whole zombie apocalypse thing is just annoying. I think you can actually sign up for zombie alerts here. http://www.alertbroadcast.com, but I don't know if you'll actually need them...BECAUSE ZOMBIES DON'T EXIST!
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
DNS Threats: What Every Enterprise Should Know
Domain Name System exploits could put your data at risk. Here's some advice on how to avoid them.
Flash Poll
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-7445
Published: 2015-10-15
The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated b...

CVE-2015-4948
Published: 2015-10-15
netstat in IBM AIX 5.3, 6.1, and 7.1 and VIOS 2.2.x, when a fibre channel adapter is used, allows local users to gain privileges via unspecified vectors.

CVE-2015-5660
Published: 2015-10-15
Cross-site request forgery (CSRF) vulnerability in eXtplorer before 2.1.8 allows remote attackers to hijack the authentication of arbitrary users for requests that execute PHP code.

CVE-2015-6003
Published: 2015-10-15
Directory traversal vulnerability in QNAP QTS before 4.1.4 build 0910 and 4.2.x before 4.2.0 RC2 build 0910, when AFP is enabled, allows remote attackers to read or write to arbitrary files by leveraging access to an OS X (1) user or (2) guest account.

CVE-2015-6333
Published: 2015-10-15
Cisco Application Policy Infrastructure Controller (APIC) 1.1j allows local users to gain privileges via vectors involving addition of an SSH key, aka Bug ID CSCuw46076.

Dark Reading Radio
Archived Dark Reading Radio

The cybersecurity profession struggles to retain women (figures range from 10 to 20 percent). It's particularly worrisome for an industry with a rapidly growing number of vacant positions.

So why does the shortage of women continue to be worse in security than in other IT sectors? How can men in infosec be better allies for women; and how can women be better allies for one another? What is the industry doing to fix the problem -- what's working, and what isn't?

Is this really a problem at all? Are the low numbers simply an indication that women do not want to be in cybersecurity, and is it possible that more women will never want to be in cybersecurity? How many women would we need to see in the industry to declare success?

Join Dark Reading senior editor Sara Peters and guests Angela Knox of Cloudmark, Barrett Sellers of Arbor Networks, Regina Wallace-Jones of Facebook, Steve Christey Coley of MITRE, and Chris Roosenraad of M3AAWG on Wednesday, July 13 at 1 p.m. Eastern Time to discuss all this and more.