Digital Alert Systems Warns Against 'Uncoordinated Disclosure' of Cybersecurity Flaws
Widely reported vulnerabilities in broadcaster emergency alert system equipment “have not resulted in any actual compromise of the EAS,” said equipment manufacturer Digital Alert Systems last week in a meeting with an aide to FCC Commissioner Brendan Carr, according to…
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
an ex parte filing in docket 15-94 (see 2210250057). DAS expressed concern about “uncoordinated disclosure” of security vulnerabilities. “One key recommendation in this area is the need for closer coordination between the public and private sector on disclosure of any future findings and the action steps to remediate issues,” DAS said. The company provisionally supports requiring EAS vendors to have a security certification, the filing said. DAS is working on “a virtualization of various aspects of EAS” and said such systems could help lower costs for EAS participants, and increase reliability. The FCC’s NPRM on emergency alerting cybersecurity listed concerns about vulnerable, out-of-date devices operated by smaller, low-power TV broadcasters (see 2210270058). The LPTV Broadcasters Association said it wants to eliminate the required EAS “box” and costs associated with it (see 2211040078). “We did acknowledge that the vast majority of incidents in the field were related to failure of some users to properly secure hardware, failure to implement basic network security practices, and failure to implement software updates in a timely manner,” the DAS filing said.