The FCC says hackers hijack US radio gear in a growing wave of cyber intrusions that allowed unauthorized actors to transmit bogus emergency alerts, obscene language and offensive commentary across several local broadcasts.
The Federal Communications Commission said Wednesday that attackers exploited unsecured audio transmission devices, triggering the Emergency Alert System’s (EAS) “Attention Signal,” a tone normally reserved for tornadoes, hurricanes and other life threatening events.
In a public notice, the agency warned that the incidents reflect a persistent vulnerability in the systems that many radio stations rely on for critical alerts.
The FCC said a “recent string of cyber intrusions” targeted US radio stations, particularly through equipment manufactured by Barix, a Swiss audio networking company.
Investigators said attackers gained access to devices left with default passwords or outdated security settings, redirecting them to broadcast attacker-controlled audio streams instead of official programming.
Reports surfaced in Texas and Virginia in recent days of radio stations airing racist remarks, fabricated emergency alerts and vulgar rants.
While no false evacuation orders or public safety instructions were issued, the broadcasts sparked concern about broader vulnerabilities in the emergency alert infrastructure.
“The fact that EAS tones were spoofed is especially alarming,” an FCC spokesperson said. “These tones are meant to warn the public about real emergencies, not to be manipulated for harassment or misinformation.”
Barix did not respond to a request for comment. In a 2016 statement after a similar wave of intrusions, the company said its devices are secure when configured properly and protected with strong passwords.
Cybersecurity analysts said the episodes underscore a longstanding issue: many local broadcasters lack the resources or staff to manage security on aging or inexpensive hardware.
“Broadcast equipment is increasingly connected to the internet, but many stations still operate with minimal IT oversight,” said Dr. Lena Cooper, a cybersecurity researcher at Georgetown University.
“When the FCC says hackers hijack US radio gear, it highlights a broader national challenge securing legacy infrastructure in a digital environment.”
Cooper added that emergency alert systems, unlike commercial networks, have unique public safety consequences when compromised. Even simulated alert tones risk confusing listeners or eroding public trust in future warnings.
Mike Torres, a former engineer for a regional radio network, said some smaller stations rely heavily on plug and play systems that default to open ports and weak passwords.
“Attackers don’t need sophisticated tools,” Torres said. “They just scan the internet for accessible devices, log in, upload an audio stream and wait for the station to rebroadcast it.”
The FCC documented at least seven incidents of EAS-related intrusions in the past year, though analysts believe the actual number is likely higher because many small broadcasters do not have monitoring or reporting systems.
A study by the Broadcast Technology Association found that nearly one in five local stations use remote access tools that have never been updated since installation.
Similar attacks occurred in 2013, 2016 and 2022, including a widely reported intrusion in Michigan where hackers broadcast a fake message warning of a “zombie apocalypse.”
In each case, the vulnerabilities were traced to unsecured third party devices rather than failures in the national EAS backbone.
The FCC has repeatedly urged stations to use strong passwords, restrict remote access and install firmware updates, but compliance varies widely.
Some broadcasters who experienced the latest incidents described them as deeply disruptive.
Sarah Mitchell, operations manager at a small Texas station targeted last week, said staff were stunned when an unauthorized alert tone played on the air.
“It was only thirty seconds, but it felt like an eternity,” she said. “Listeners were calling us asking if there was a real emergency. We had to interrupt programming to explain what happened.”
A Virginia listener, Marcus Reed, said he was driving when he heard one of the fake messages.
“I thought a storm was coming or something serious was happening,” Reed said. “When it turned into an offensive monologue, I realized it had been hacked. But it shook me for a minute.”
The repeated incidents have left some communities uneasy about the reliability of future alerts.
The FCC says hackers hijack US radio gear in ways that may continue unless broadcasters upgrade protections.
Officials said they are considering additional compliance requirements for emergency alert equipment, including mandatory password changes and security audits.
Cybersecurity experts warned that as more broadcast infrastructure moves online, the attack surface will continue to grow.
Some suggested federal grants could help small stations, which often operate on tight budgets, install secure systems.
The FCC also plans to work with manufacturers like Barix to ensure new hardware includes stronger default defenses and clearer security guidance.
“We can’t rely on goodwill alone,” Cooper said. “These systems are part of national emergency readiness, and they must be treated accordingly.”
As the FCC says hackers hijack US radio gear, the recent intrusions highlight ongoing vulnerabilities in the country’s emergency alert framework.
While no large scale panic or misinformation campaign has been reported, the incidents exposed gaps in station level cybersecurity that officials say must be addressed.
The agency urged broadcasters to update passwords, install patches and strengthen their security practices to prevent further misuse of public alert systems.
