Hackers infiltrated poorly secured U.S. radio broadcast equipment and used it to transmit fake emergency alerts and obscene content — including the “Attention Signal” tone from the national Emergency Alert System (EAS). The attacks exploited vulnerable studio-to-transmitter links made by the Swiss firm Barix, allowing cybercriminals to replace legitimate programming with attacker-controlled audio streams. The federal regulator Federal Communications Commission (FCC) issued an urgent notice advising broadcasters to apply basic cybersecurity measures immediately to prevent further hijackings.
Key Takeaways
– Hackers are targeting unsecured Barix-brand transmission gear to hijack U.S. radio broadcasts, inserting fake EAS alerts and obscene audio streams.
– The misuse of EAS alert tones — intended for real emergencies like natural disasters — threatens public trust in emergency communications and could cause panic or confusion.
– The FCC strongly recommends broadcasters change default passwords, apply firmware/software updates, and harden network access controls to safeguard critical broadcast infrastructure.
In-Depth
In a disturbing new wave of cyberattacks, American radio stations have been hijacked by unknown actors exploiting insecure broadcasting gear — turning public airwaves into conduits for fake emergency alerts and offensive content. According to a recent notice from the Federal Communications Commission, the intrusions targeted studio-to-transmitter links (STLs) manufactured by Swiss firm Barix. Those devices, when improperly configured or left using default credentials, were reprogrammed to stream attacker-controlled audio in place of legitimate station programming. As a result, listeners in affected areas — including stations in Texas and Virginia — heard the EAS “Attention Signal” tone preceding broadcasts of obscene language, racist material, or outright fakes posing as emergency alerts.
The “Attention Signal” is deeply embedded in the public psyche as the harbinger of grave emergencies: tornadoes, hurricanes, major floods, earthquakes. Its misuse strips away the implicit trust listeners place in official alerts — and for good reason. If radio can no longer be presumed safe or secure, misinformation or panic could spread at a moment’s notice. The danger isn’t just lewd or offensive broadcasts; once attackers gain confidence in breaching broadcast infrastructure, the potential for disinformation campaigns, false panic, or even targeted “emergency” hoaxes grows dramatically.
This isn’t the first time emergency alert infrastructure has been compromised. The EAS system (which replaced the older Emergency Broadcast System) has long allowed authorized officials to broadcast warnings across television and radio networks. But security experts have warned for years that many stations rely on outdated hardware or lax credential policies — risks that now appear validated with real-world exploitation.
What’s striking is how basic the vulnerabilities are: default passwords, unpatched hardware, wide-open network access. The FCC’s response is blunt but overdue, urging broadcasters to adopt baseline cybersecurity hygiene: change default passwords; apply software updates promptly; restrict remote access; deploy firewalls or VPNs; and monitor access logs for anomalies. These are not advanced measures — but they’re often neglected or overlooked.
Broadcasters must now face a hard truth: in 2025, even traditional mediums like FM/AM radio and studio-transmitter links are not immune from cyber threats. The convenience and cost-efficiency of IP-based audio routing have opened the door to cyber intruders. If radio stations want to preserve credibility — and public safety — they need to treat their transmission infrastructure as critical IT infrastructure. This means embracing cybersecurity standards and proactively defending against breaches.
For the listening public, the recent hijackings serve as a reminder: signals you’ve long trusted may no longer be beyond manipulation. Radio remains powerful — but only if the gatekeepers behind the scenes act now to secure it.