Attacks/Breaches
2/12/2013
08:52 AM
Connect Directly
RSS
E-Mail
50%
50%

Zombie Alert Hoax: Emergency Broadcast System Hacked

Bodies of the dead are rising from their graves, warns CBS affiliate. News at 10.

Who Is Hacking U.S. Banks? 8 Facts
Who Is Hacking U.S. Banks? 8 Facts
(click image for larger view and for slideshow)
Emergency alert: zombies are rising up in Montana.

"Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living. Follow the messages onscreen that will be updated as information become available. Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous."

That Emergency Alert System (EAS) voiceover warning, preceded by the standard, staccato EAS attention signal, ran Monday afternoon on CBS affiliate television station KRTV in Great Falls, Mont. The EAS warning interrupted a broadcast of "The Steve Wilkos Show" devoted to teen cheaters.

Signs of an apparent zombie apocalypse to the contrary, KRTV later that day released a statement confirming that a bogus message had been transmitted via its EAS equipment. "Someone apparently hacked into the Emergency Alert System and announced on KRTV and the CW that there was an emergency in several Montana counties," according to the statement. "This message did not originate from KRTV, and there is no emergency. Our engineers are investigating to determine what happened and if it affected other media outlets."

Local police likewise said there was no emergency. "We can report in the city, there have been no sightings of dead bodies rising from the ground," Lt. Shane Sorensen of the Great Falls Police Department told the Great Falls Tribune -- admittedly, with a laugh.

[ Do zombies know how to use computers? Read Uncertain State Of Cyber War. ]

"We had four calls checking to see if it was true. And then I thought, Wait. What if?" Sorenson said. But he noted that KRTV hadn't contacted the police department to report the incident or request an investigation, and said it's unclear what penalties someone might face for hacking a television station's EAS.

The zombie story was spotted by journalism watcher Jim Romenesko, and no doubt zombies rank high in the cultural zeitgeist, as the Emmy Award winning The Walking Dead mid-season premiere Sunday night set a series and basic cable record by drawing 12.3 million viewers.

Accordingly, might the prank may have been a promo for either The Walking Dead, or horror-romcom Warm Bodies? That was the suggestion made by The Register, which noted that the EAS hack clearly tops the 2012 hack of highway signs in Portland, Maine, to read: "Warning Zombies Ahead!"

At the time, a Portland city spokeswoman told Portland Press Herald that whoever broadcast the zombie warning could face misdemeanor charges of "tampering with a safety device," which includes penalties of up to a year in jail and a $1,000 fine.

But tampering with signs to display zombie warnings was already a meme. Indeed, the first zombie-related highway sign tampering incident appears to have been in Austin, Texas, in 2009, reported Portland Press Herald. Similar warnings later appeared on highway signs in Washington, Illinois and New York.

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
Deirdre Blake
50%
50%
Deirdre Blake,
User Rank: Apprentice
2/12/2013 | 7:28:55 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Now that's just funny!
jc
50%
50%
jc,
User Rank: Apprentice
2/12/2013 | 8:35:23 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I have also seen a "Caution Zombies Ahead" sign in San Francisco recently, and according to the CDC, it's only a matter of time: http://www.cdc.gov/phpr/zombie...
Andrew Hornback
50%
50%
Andrew Hornback,
User Rank: Apprentice
2/13/2013 | 5:16:26 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I guess that FEMA hasn't worked out the bugs, even since the November 2011 calamity. Although, given the show content, I'd have to wonder if people were actually expecting a warning about zombies or if they would have preferred being switched over to a shopping network or a music video channel showing a Lady GaGa video.

Going to make for some interesting questions at the next IPAWS meeting, that's for sure. :)

Andrew Hornback
InformationWeek Contributor
OtherJimDonahue
50%
50%
OtherJimDonahue,
User Rank: Apprentice
2/13/2013 | 5:31:17 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Oh, wake up, people. They only want you to think it was a hoax.

Jim Donahue
Copy Chief
InformationWeek
PJS880
50%
50%
PJS880,
User Rank: Ninja
2/19/2013 | 7:06:53 AM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
I had to chuckle when I read this, a public service announcement about zombies and people bought it. I also find it amusing that if convicted their perpetrators only misdemeanor charges along with a measly $1000 fine. I thought that if the organizations do not change the default settings on these devices then they could be easily hacked. This has been going on for years and apparently it is still going on today.

Paul Sprague
InformationWeek Contributor
anon3846919518
50%
50%
anon3846919518,
User Rank: Apprentice
7/8/2013 | 4:26:20 PM
re: Zombie Alert Hoax: Emergency Broadcast System Hacked
Wasn't one of those mobile roadside alert signs hacked with "Zombies Ahead" a few years ago, or was that just a good photoshop job? Either way, this whole zombie apocalypse thing is just annoying. I think you can actually sign up for zombie alerts here. http://www.alertbroadcast.com, but I don't know if you'll actually need them...BECAUSE ZOMBIES DON'T EXIST!
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-2595
Published: 2014-08-31
The device-initialization functionality in the MSM camera driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, enables MSM_CAM_IOCTL_SET_MEM_MAP_INFO ioctl calls for an unrestricted mmap interface, which all...

CVE-2013-2597
Published: 2014-08-31
Stack-based buffer overflow in the acdb_ioctl function in audio_acdb.c in the acdb audio driver for the Linux kernel 2.6.x and 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges via an application that lever...

CVE-2013-2598
Published: 2014-08-31
app/aboot/aboot.c in the Little Kernel (LK) bootloader, as distributed with Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to overwrite signature-verification code via crafted boot-image load-destination header values that specify memory ...

CVE-2013-2599
Published: 2014-08-31
A certain Qualcomm Innovation Center (QuIC) patch to the NativeDaemonConnector class in services/java/com/android/server/NativeDaemonConnector.java in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.3.x enables debug logging, which allows attackers to obtain sensitive disk-encryption pas...

CVE-2013-6124
Published: 2014-08-31
The Qualcomm Innovation Center (QuIC) init scripts in Code Aurora Forum (CAF) releases of Android 4.1.x through 4.4.x allow local users to modify file metadata via a symlink attack on a file accessed by a (1) chown or (2) chmod command, as demonstrated by changing the permissions of an arbitrary fil...

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
This episode of Dark Reading Radio looks at infosec security from the big enterprise POV with interviews featuring Ron Plesco, Cyber Investigations, Intelligence & Analytics at KPMG; and Chris Inglis & Chris Bell of Securonix.