Category Archives: National

Skyview Hacked

Skyview, the distribution service used by CBS Radio News, ABC Radio News, and others, failed yesterday as radio station affiliates found silence when their automation systems had expected network news insertions. Skyview posted the following announcement to stations receiving their streams through XDS receivers:

Skyview Networks experienced unauthorized access to its IT environment, resulting in interrupted technical services. Immediately upon learning of the incident, Skyview activated its comprehensive incident response plan. We have initiated advanced monitoring and threat detection across our systems and data. We have also engaged third-party forensic experts to help us contain and investigate the incident. These efforts are fully underway.

IMPORTANT:

During this undetermined period of time, it is advised NOT to reboot your XDS receiver.

Please reach out to affiliaterelations@skyviewsat.com if you have any questions.

You Have Options When Monitoring PEPs

San Diego and Imperial Counties can hand broadcast engineers some challenges with respect to receiving the Emergency Alert System (EAS) LP1 and LP2 stations, both AMs. If you are relaying the signals of KOGO 600 and KLSD 1360 from an AM transmitter site, you must have good filtering and shielding from your own transmitter signal, and be able to receive the signal at night. And if you’re in El Centro, how do you even receive a Primary Entry Point (PEP) signal required for national tests?

Richard Rudman, California State Emergency Coordination Committee Vice-Chair, has some viable suggestions for receiving PEPs:

  • Monitor your usual LP-1, like KOGO, which depends on receiving a PEP signal
  • Monitor the NPR network via satellite
  • Monitor an NPR affiliate like KPBS San Diego or KQVO Calexico
  • Monitor SiriusXM’s “barker” channel.

The latter option is worth explaining. You can use any SiriusXM receiver and as long as you hear audio, you’re good. The barker channel is the free channel used as a reception confidence signal and for promoting their subscription options. In the event of a national emergency or test, they interrupt that, or any, active channel you are listening to with any national EAS message.

FCC Directs Stations to Submit Form One to ETRS by February 28

The FCC announced in mid-December that February 28 is the new deadline for submitting a Form One in the EAS Test Reporting System (ETRS) in anticipation of a National EAS Test, which, as of this writing, does not have a test date established.

While there was no national test in 2022, if your station was operating before last year, you likely have an account set up on the ETRS. The FCC said it would open the site for Form One filings on January 3, 2023.

FCC Announces NPRM to Address EAS Security Updates

The FCC issued the Notice of Proposed Rulemaking FCC-22-82 last week in an effort to shore up security vulnerabilities discussed recently. The vulnerabilities include the usual easy-to-guess passwords, lack of EAS device software updates, and so on. The FCC wants to require broadcasters and cable operators to report cyber threats to their EAS equipment within 72 hours and file a cybersecurity risk management plan with the FCC for their EAS system. The commission also wants broadcasters to download and install security patches for their EAS gear.

EAS IPAWS Security Advisory

[FROM FEMA Advisory published 8/1/2022]

We recently became aware of certain vulnerabilities in EAS encoder/decoder devices that, if not updated to most recent software versions, could allow an actor to issue EAS alerts over the host infrastructure (TV, radio, cable network).

This exploit was successfully demonstrated by Ken Pyle, a security researcher at CYBIR.com, and may be presented as a proof of concept at the upcoming DEFCON 2022 conference in Las Vegas, August 11-14.

In short, the vulnerability is public knowledge and will be demonstrated to a large audience in the coming weeks.

FEMA strongly encourages EAS participants to ensure that:

  1. EAS devices and supporting systems are up to date with the most recent software versions and security patches;
  2. EAS devices are protected by a firewall;
  3. EAS devices and supporting systems are monitored and audit logs are regularly reviewed looking for unauthorized access.