Transmitters being breached now?

From Fletcher Pride on Facebook:
Hello all, I have a few clients that run GatesAir transmitters (specifically the GX series). They were ported out to the public, and we found this morning that the RDS encoders had been hacked and the message had been changed to an explicit message. Additionally, the hackers cleared the event log on the way out, so there is no indication of who they were.
If you or a client of yours is running a GatesAir GX series transmitter that is publicly ported, it is likely that this has affected you, as I had two different clients with two totally different passwords (they are either bypassing the login or using the factory service password). Get it behind a firewall.
 
This affects all GatesAir transmitters (and just about every other brand of transmitter). A service bulletin was sent round recently. The problem is that people are exposing the transmitters to the public internet, which is bad, but worse still, they are not changing the default admin password, which gives anyone full access to the transmitter. RDS is a particular vulnerability as it is usually not secured for remote access if it is used dynamically. A hacker could do real physical damage to a transmitter and associated equipment if they knew what they were doing. In some other brands you can access everything, including the calibration settings and protection systems.

Many transmitters use Linux which can have unpatched vulnerabilities. GatesAir are pretty good at patching these. Others much less so.

Do not expose your transmitters and other critical devices to the public internet. If you must remote access it, get it behind a truly secure VPN. Always change the default admin and engineer access passwords to something secure. Delete any user accounts that are not needed. Make sure that other devices on the network are secure.
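The post above describes the symptoms that were found after the fact: a login that should never have succeeded from the internet, an RDS text change, and an event log cleared on the way out. As an added example (not GatesAir code, and not from anyone in this thread), here is a small triage script over constructed, syslog-style audit lines; the log layout, field names and management network are assumptions, so `parse_line()` would need adapting to a real unit's export format.

```python
"""Audit-log triage for a remotely managed transmitter.

Added example, not vendor code. The log format below is a constructed
syslog-style layout (timestamp, unit, event, key=value fields); real
transmitters use their own format, so adapt parse_line() accordingly.
"""
import re
from collections import Counter
from ipaddress import ip_address, ip_network

# Constructed sample lines modelled on the incident described in the thread:
# a short password-guessing burst, a login from the public internet, an RDS
# text change, an event-log clear, and later a legitimate login over the VPN.
SAMPLE_LOG = """\
2024-05-01T02:10:01Z tx-main login result=fail user=admin src=203.0.113.9
2024-05-01T02:10:02Z tx-main login result=fail user=admin src=203.0.113.9
2024-05-01T02:10:03Z tx-main login result=fail user=admin src=203.0.113.9
2024-05-01T02:10:05Z tx-main login result=ok user=admin src=203.0.113.9
2024-05-01T02:11:40Z tx-main rds text="changed" user=admin src=203.0.113.9
2024-05-01T02:12:00Z tx-main eventlog action=clear user=admin src=203.0.113.9
2024-05-01T08:00:00Z tx-main login result=ok user=engineer src=10.8.0.5
"""

LINE_RE = re.compile(r"^(?P<ts>\S+) (?P<unit>\S+) (?P<event>\S+)(?P<rest>.*)$")
KV_RE = re.compile(r'(\w+)=("[^"]*"|\S+)')


def parse_line(line):
    """Split one constructed log line into a dict; None if it does not parse."""
    m = LINE_RE.match(line)
    if not m:
        return None
    rec = {"ts": m["ts"], "unit": m["unit"], "event": m["event"]}
    for key, val in KV_RE.findall(m["rest"]):
        rec[key] = val.strip('"')
    return rec


def triage(log_text, mgmt_networks, fail_threshold=3):
    """Return (kind, source_ip, timestamp) findings an engineer should see first.

    mgmt_networks: CIDR strings for the VPN / management ranges that are the
    only places a login or RDS change should ever come from (an assumption).
    """
    nets = [ip_network(n) for n in mgmt_networks]
    fails = Counter()
    findings = []
    for raw in log_text.splitlines():
        rec = parse_line(raw)
        if rec is None:
            continue
        src = rec.get("src")
        outside = src is not None and not any(ip_address(src) in n for n in nets)
        if rec["event"] == "login":
            if rec.get("result") == "fail":
                fails[src] += 1
                if fails[src] == fail_threshold:      # report once per source
                    findings.append(("bruteforce", src, rec["ts"]))
            elif outside:
                findings.append(("login_from_outside_mgmt", src, rec["ts"]))
        elif rec["event"] == "eventlog" and rec.get("action") == "clear":
            # A cleared log is itself the indicator: everything before it is gone,
            # so this event should be forwarded off-box the moment it happens.
            findings.append(("eventlog_cleared", src, rec["ts"]))
        elif rec["event"] == "rds" and outside:
            findings.append(("rds_change_from_outside_mgmt", src, rec["ts"]))
    return findings


if __name__ == "__main__":
    for kind, src, ts in triage(SAMPLE_LOG, ["10.8.0.0/24"]):
        print(f"{ts} {kind:30s} from {src}")
```

The point of the `eventlog_cleared` finding is that a log kept only on the transmitter is worthless once an intruder clears it; the script only works if the lines are shipped to a collector as they are written.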
 
Having your transmitter directly exposed to the Internet is a solution looking for a problem. If you insist on it, at least change the passwords AND put up a firewall that hackers would have to go through before they get to try passwords on your stuff.

Since the 1990s, remote equipment would call you if there was an issue with the transmitter. You could usually make an adjustment from your phone. If it was something that you couldn't fix on the phone, you usually had to go out there anyway, usually after lightning visited, to reset breakers if you were lucky.

IMHO the US has become too dependent on the internet. Many water systems have been compromised and supposedly they are not sure if they can get the "State Sponsored Hackers" out of them. The US had clean drinking water for at least a hundred years before the Internet. Why would you expose drinking water systems to every PC hooked up to the Internet in the world?
 
Moving critical infrastructure SCADA systems and other remote control interfaces to the public internet is one of the dumbest things humanity has ever done.

Everyone used private, proprietary telemetry and remote access methods pre-internet. Remember the era of private dry telco circuits, and seeing small directional UHF yagis and microwave drums on tops of banks, water towers, and at electrical substations? The convenience and cost-saving allure of mass market SOHO routers and commercial ISPs killed way too much of that off.

Even during the pre-internet era itself, careless people who placed critical systems on publicly-accessible networks like the PSTN often discovered themselves having unwanted guests. War dialing was yesterday's nmap, and films like War Games dramatized it quite well.

Word to the wise: if you put your modern critical systems behind a VPN, so there's only one port open to the internet (the VPN daemon's), then that daemon simply assumes the role of being the target for unpublished zero-day exploits. You might want to guard against this using port knocking or SPA if your firewall offers the feature. Alternatively, a firewall that blocks your VPN's daemon port to all but whitelisted IPs, while allowing new whitelisted IPs to be entered through a side channel (e.g. phone calls using DTMF), would work just as well.
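The single-packet-authorization idea in the post above (the VPN port stays closed until a source IP proves it holds a shared secret, with replays and stale packets rejected) can be shown in a few dozen lines. This is an added example, not fwknop or any firewall vendor's code: the packet layout, the 30-second freshness window, the 60-second open window and the test secret are all assumptions, and the gate only decides whether a source should be allowlisted; pushing that decision into nftables, pf or a cloud security group is deployment-specific and not shown.

```python
"""SPA-style gate in front of a VPN daemon port.

Added example, not fwknop or any vendor's implementation. A client sends one
signed datagram; the gate verifies it and records that the VPN port may be
opened to that source IP for a short window. The packet format, window
lengths and secret below are constructed for illustration.
"""
import hashlib
import hmac
import json
import os
import time

WINDOW_SECONDS = 30   # reject packets whose timestamp is further away than this
OPEN_SECONDS = 60     # how long a verified source IP stays allowlisted


def build_spa_packet(secret, src_ip, now=None):
    """Client side: JSON body (ip, timestamp, nonce) plus HMAC-SHA256 tag."""
    body = {
        "ip": src_ip,
        "ts": int(now if now is not None else time.time()),
        "nonce": os.urandom(8).hex(),
    }
    payload = json.dumps(body, sort_keys=True).encode()
    tag = hmac.new(secret, payload, hashlib.sha256).hexdigest().encode()
    return payload + b"." + tag


class SpaGate:
    """Server side: validates packets and keeps a time-limited allowlist."""

    def __init__(self, secret):
        self.secret = secret
        self.seen_nonces = {}   # nonce -> expiry time (replay protection)
        self.allow = {}         # source ip -> expiry time

    def accept(self, packet, observed_src_ip, now=None):
        """Return True and allowlist the source if the packet is valid."""
        now = now if now is not None else time.time()
        try:
            payload, tag = packet.rsplit(b".", 1)
            body = json.loads(payload)
        except (ValueError, UnicodeDecodeError):
            return False
        expect = hmac.new(self.secret, payload, hashlib.sha256).hexdigest().encode()
        if not hmac.compare_digest(expect, tag):
            return False                      # forged or tampered
        # Bind the packet to the IP it actually arrived from, so a captured
        # packet cannot be replayed from another host.
        if body.get("ip") != observed_src_ip:
            return False
        if abs(now - body.get("ts", 0)) > WINDOW_SECONDS:
            return False                      # stale (or clock badly skewed)
        self._expire(now)
        nonce = body.get("nonce")
        if not nonce or nonce in self.seen_nonces:
            return False                      # replay inside the window
        self.seen_nonces[nonce] = now + WINDOW_SECONDS
        self.allow[observed_src_ip] = now + OPEN_SECONDS
        return True

    def is_open(self, ip, now=None):
        """Should the firewall currently admit this IP to the VPN port?"""
        now = now if now is not None else time.time()
        self._expire(now)
        return ip in self.allow

    def _expire(self, now):
        self.seen_nonces = {n: e for n, e in self.seen_nonces.items() if e > now}
        self.allow = {ip: e for ip, e in self.allow.items() if e > now}


if __name__ == "__main__":
    secret = os.urandom(32)                   # constructed, per-deployment secret
    gate = SpaGate(secret)
    pkt = build_spa_packet(secret, "198.51.100.7")
    print("first packet accepted:", gate.accept(pkt, "198.51.100.7"))
    print("replay accepted:", gate.accept(pkt, "198.51.100.7"))
```

Because the gate never answers an unverified packet, a scanner sees only a closed VPN port, which is the property the post is after; the DTMF-over-phone side channel it mentions would simply be another way of calling `self.allow[ip] = expiry` from a trusted path.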