[grc] FCC ENFORCEMENT ADVISORY: Barix Extreamer Password Precautions

Michelle Bradley mae at recnet.com
Fri Feb 3 18:10:34 PST 2017 

*The FCC Enforcement Bureau has reached out to REC and other 
organizations to reach as many broadcasters as possible addressing the 
recent incidents of compromises of the Barix Extreamer equipment 
commonly used as a studio-to-transmitter link.  The Enforcement Bureau's 
statement follows:*

It has come to our attention that unauthorized persons recently may have 
illegally gained access to certain audio streaming devices used by 
broadcasters, and may have transmitted potentially offensive or indecent 
material to the public.  We believe that the reported cases involved 
unauthorized access to equipment manufactured by Barix, which some 
licensed broadcasters use for studio-to transmitter (STL), remote 
broadcast (Remote) and similar audio connections. We understand that the 
unauthorized access to the devices may be due, in part, to instances 
where the licensee fails to set a password for devices with no default 
password, or to re-set default passwords on the Barix device.

We urge licensees to take all available precautions to prevent future 
unauthorized transmissions.  In many cases, there may be simple, 
practical solutions to prevent such situations from occurring.  For 
example, we strongly encourage licensees that use Barix devices, as well 
as other transmitting equipment, to check and, if necessary, add a 
password, or re-set existing passwords with new, robust passwords.  
Similarly, if a broadcast station experiences turnover in staff who had 
access to passwords, we encourage licensees to re-set the password to 
ensure future security.  We also recommend that broadcasters investigate 
whether additional data security measures, such as firewalls or VPNs 
configured to prevent remote management access from other than 
authorized devices, in some cases, could be implemented to preserve this 
potentially critical part of the broadcast transmission chain.  If you 
suspect that broadcast equipment has been subject to attempts at 
unauthorized access, we also recommend that you contact the equipment 
manufacturer and/or a data security firm.  We also suggest that you 
notify the FCC Operations Center, 202-418-1122, orFCCOPCenter at fcc.gov 
<mailto:FCCOPCenter at fcc.gov>of suspected unlawful access.

If you have any questions, please contact Lark Hadley, the Regional 
Director for the Enforcement Bureau’s Region Three 
viaWR-Response at fcc.gov <mailto:WR-Response at fcc.gov>.

Michelle Bradley
REC Networks
844-REC-LPFM
http://recnet.com
=m

More information about the grc mailing list