CAP EAS hack attack

Change the locks

At many broadcast stations, engineers are in charge of facility security and, therefore, must always keep security in the forefront. However, security is such a broad term; we know about physical and personal security, but some may still be a bit naive about cyber-security. We hear about Internet security threats so frequently that it’s easy to tune it out. Let’s review the basics.

Strong passwords are your first line of defense. Using your station’s call letters or street address is an open invitation to even the dumbest hacker, let alone a fully automated password guesser. Strong passwords include those with caps and lower case letters, symbols, numbers and spaces. Fewer than eight characters are considered easy to hack. Twelve- or 16-character passwords, including numbers, spaces and symbols, are much stronger.

As important as strong passwords in the defense of your system are firewalls. Consumer routers typically include a firewall, and you get what you pay for. Stronger industrial-strength firewalls are found in “Enterprise” class routers. This class of router is generally only available from larger manufacturers and is not usually found on shelves in neighborhood box stores. Spam filtering and proxy servers can also enhance security.

Keep all software up-to-date. Some experienced engineers may be hesitant because they’ve been burned by an update or two, but modern upgrades are typically transparent to the system. If you have questions about an update, contact the manufacturer of the equipment. Some gear, such as older PC-based gear, may be sensitive to OS upgrades. If you own such a system, don’t connect it to the Internet, and don’t use flash drives that haven’t been fully verified virus-free by the latest antivirus software on the latest operating system. PC-based systems must be considered stand-alone appliances and kept away from the Internet. What was once considered an air-gap can be compromised by Wi-Fi or Bluetooth.

Frequently monitor systems for breaches and threats. News reports of the zombie hack included another station that had been monitoring its EAS system log and found multiple attempts to use the back door to try passwords in the days leading to the zombie event. Make such systems checks a regular part of your daily routine. Additionally, there is a variety of integrity auditing tools available that will report if and when changes have been made at the system level. Most begin with a snapshot of the system when it is known to be operating optimally. There are numerous such tools available for virtually every popular operating system, open and closed. Know them, use them and sleep better knowing you’re working smarter than the person trying to hack you.

Ultimately, everything you really need to know about security can be said in two words: Be skeptical.