DETROIT — Warnings about the zombie apocalypse may seem pretty amusing, but officials say they’re dead serious about figuring out who hacked into the U.S. public warning system to broadcast such messages in a handful of states.
So far, people in California, Michigan, Montana and New Mexico have heard the warnings about attacking zombies that have been sent over the Emergency Alert System.
“Local authorities in your area have reported the bodies of the dead are rising from their graves and attacking the living,” the message warned. “Do not attempt to approach or apprehend these bodies as they are considered extremely dangerous.”
The subject matter may be humorous, but Greg MacDonald with the Montana Broadcasters Association said the consequences of such attacks on the alert system could be severe.
“This looks like somebody being a prankster, but maybe it’s somebody testing just to see if they could do this, to do some real damage,” MacDonald said. “Suddenly you create a panic and people are fleeing somewhere and you end up with traffic jams and accidents and who knows what.”
The U.S. recently replaced its old telephone-based alert system with a web-based one. The Federal Communications Commission sent an urgent advisory Tuesday urging stations to reset their alert system passwords, disconnect their Internet connections and take other steps to make sure the equipment is protected from outside attack.
In Michigan, hackers broke into the system with audio or text messages at two stations on Monday. Michigan Association of Broadcasters President Karole White said the breach appeared to be related to default passwords that the stations hadn’t changed.
In Los Angeles, a radio station that had its alert system breached sent out a zombie message, according to Richard Rudman, a broadcast engineer and vice chair of the California State Emergency Communications Committee. He declined to name the station but said any that were hacked were using default passwords for their alert systems or lacked adequate computer security.
The FCC on Tuesday also asked stations to check their equipment to make sure no further unauthorized alerts were queued up for future transmission, according to a copy of the advisory provided by the Montana Broadcasters Association.
No one has been arrested in connection with the hacking incidents.
Other attempts to access to emergency systems in recent days were thwarted by updated passwords, said Edward Czarnecki with Kentucky-based Monroe Electronics, which manufacturers the alert equipment used by most television and cable companies.
Where the hackers succeeded, Czarnecki said a failure by stations to provide adequate computer security was at fault.
All U.S. broadcasters are required to be part of the Emergency Alert System, which evolved from Cold War-era systems dating to the 1950s and ’60s. The system was created so the president could address the public in a national emergency, but it’s mainly used by state and local authorities to deliver weather warnings. The first national test of the revamped system was in November 2011.
WNMU in the northern Michigan city of Marquette was broadcasting an episode of “Barney and Friends” just before 4 p.m. Monday when an ominous voice warned of zombies on the loose. The station quickly caught the errant message and disabled the system.
“There were really no complaints,” said station general manager Eric Smith. “A couple of viewers … called, wondering what it was all about.”
The Federal Emergency Management Agency said its public alert and warning system wasn’t breached and the hacking incidents did not affect its ability to activate the system nationally.
White, who oversees the alert system in Michigan, says she’s confident that systems there are now secure, though any breach is a concern.
“We feel fortunate they were not able to get into the entire Emergency Alert System — that’s the good news,” she said. “The bad news is they got in at all.”