A big story making the rounds of the radioverse this week is the story of the Louisiana radio station “taken down by hackers“.
Stannard Broadcasting’s cluster of “Today’s Country 105.7” KVVP Leesville, Rock “Channel 95.7” KROK South Fort Polk, and AC “Mix 106.7” KUMX North Fort Polk originally claimed they were “hijacked” last Friday with their systems being held for ransom. In reality, the station’s computer systems were not protected. The stations were running the no-longer supported Windows XP or any virus protection being kept up-to-date and hit by the Cryptowall Ransomeware that encrypts every file on the system and is not released unless they send money via bitcoin to the virus distributor.
Having outdated software and an unprotected system resulted in the station having to rebuild its entire computer system and hours being off the air. And the on-air computer shouldn’t have needed to be connected to the outside world. The costs to simply upgrade and maintain the station’s software over time would have been more cost-effective in the long run.
Meanwhile, Townsquare Media’s 95.7 KEZJ Twin Falls, ID hasn’t been affected by anything yet, but could easily have been. Someone associated with the station published all of the station’s internet passwords on a publicly accessible web page. I won’t link to the page which is accessible by Google search, but here’s a screenshot with the logins covered:
Had someone with malicious intentions discovered the page they could have accessed the station’s website backend, photography subscriptions, and analytics. There’s no reason for any login to be on a publicly available page on the server.
These should be common sense issues for any broadcaster, but there are always places where common sense doesn’t exist.