Skip to main content
Home

Main navigation

  • REC Home
  • Apply
    • REC Services Rate Card & Policies
    • LPFM Construction Completed
    • LPFM License Modification
    • New FM Booster Station
    • New Class D FM Station in Alaska
    • New Low Power FM (LPFM) Station
  • Initiatives
    • RM-11846: Rural NCE Stations
    • RM-11909: LP-250 / Simple 250
    • WIDE-FM
    • RM-11952: Translator Reform
    • RM-11843: 8 Meter Ham Band
    • PACE - LPFM Compliance
  • Services
  • Tools
    • Today's FCC Activity
    • Broadcast Data Query
    • Field strength curves
    • Runway slope
    • Tower finder
    • FM MODEL-RF Exposure Study
    • More tools
    • Developers - API
  • LPFM
    • Learn about LPFM
      • Basics of LPFM
      • Self Inspection Checklist
      • Underwriting Compliance Guide
      • Frequently Asked Questions
      • FCC Rules for LPFM
      • HD Radio for LPFM
      • Transmitters certified for LPFM
      • Interference from FM translators
      • RadioDNS for LPFM Stations
    • 2023 Window REC Client Portal
    • myLPFM - LPFM Station Management
    • LPFM Station Directory
    • Spare call signs
    • REC PACE Program
    • More about LPFM
  • Reference
    • Pending FCC Applications
    • FCC Filing Fees
    • Radio License Renewal Deadlines
    • FCC Record/FCC Reports
    • Pirate Radio Enforcement Data
    • Premises Info System (PREMIS)
    • ITU and other international documents
    • Recent FCC Callsign Activity
    • FCC Enforcement Actions
    • Federal Register
    • Recent CAP/Weather Alerts
    • Legal Unlicensed Broadcasting
    • More reference tools
  • LPFM Window
  • About
    • REC in the Media
    • Supporting REC's Efforts
    • Recommendations
    • FCC Filings and Presentations
    • Our Jingles
    • REC Radio History Project
    • Delmarva FM / Riverton Radio Project
    • J1 Radio / Japanese Broadcasting
    • Japan Earthquake Data
    • REC Systems Status
    • eLMS: Enhanced LMS Data Project
    • Open Data at REC
    • Our Objectives
  • Contact

Breadcrumb

  • Home

Operational Status

Michi on YouTube

Most popular

fcc.today - real time updates on application activity from the FCC Media Bureau.  fccdata.org - the internet's most comprehensive FCC database lookup tool.  myLPFM.com - Low Power FM channel search and station management tool.  REC Broadcast Services - professional LPFM and FM translator filing services. 

Other tools & info

  • Filing Window Tracking
  • Enforcement Actions
  • REC Advisory Letters
  • FAQ-Knowledge Base
  • U/D Ratio Calculator
  • Propagation Curves
  • Runway Slope/REC TOWAIR
  • Coordinate Conversion
  • PREMIS: Address Profile
  • Spare Call Sign List
  • FCC (commercial) filing fees
  • Class D FM stations in Alaska
  • ARRR: Pirate radio notices
  • Unlicensed broadcasting (part 15)
  • FMmap - broadcast atlas
  • Federal Register
  • Rate Card & Policies
  • REC system status
  • Server Status
  • Complete site index
Cirrus Streaming - Radio Streaming Services - Podcasting & On-demand - Mobile Apps - Advertising

REC tells FCC that EAS cybersecurity plan is overkill for Small Stations, calls on EAS manufacturers to step up to address security concerns

By Michi Bradley | 7:34 AM EST, Fri December 23, 2022

REC Networks has filed comments with the FCC in PS Docket 22-329, a proceeding related to Emergency Alert System (EAS) readiness and cyber security.

In comments, REC expressed serious concerns over an FCC proposal that would require all broadcast entities from iHeart, Sinclair and Nexstar to small stations including LPFM licensees, noncommercial educational stations with limited revenues, minority-owned, "mom and pop" and individual owner commercial stations to develop, maintain and update a complex cyber security risk management plan, similar to those used by federal government agencies and large corporations with enterprise computing operations.  

These demands from the FCC come on the heels of a small number of incidents that occured over the past decade where the passwords of EAS decoders/encoders were compromised in cases where the EAS was directly exposed to the internet for incoming connections. 

In comments, REC stated that "Small Stations" do not have separate information technology departments, help desks or chief information officers.  They are small operations, many with primarily volunteers and to provide a complex cybersecurity plan similar to those used by federal agencies would be extensively burdensome and would take resources away from a noncommercial station's primary mission of achieving their educational objectives and informing the public.  

REC proposed for smaller FM stations (LPFM, Class D and Class A), smaller AM stations (Class C and Class D stations operating 1 kW or less) and for smaller LPTV stations (those with a noise limited contour of 28.3 km or less) that do not play a support role in EAS (such as being a local primary station), that these stations not be required to prepare an extensive cyber security plan but instead, adopt a simplified "Code of Good Network Operating Practices" which addresses some common-sense methods of assuring that an EAS, especially one that is exposed to the internet for incoming connections is properly protected from unauthorized use.  This Code of Good Network Operating Practices have also been published by REC in REC LPFM Advisory Letter No. 17. 

REC calls upon the EAS equipment manufacturers, such as Digital Alert Systems/Monroe Electronics, Sage Alerting Systems, Viavi (Trilithic) and Gorman Redlich to enact additional security methods, such as two factor authentication in their EAS decoders/encoders as well as other methods including pre-setting random passwords for new units at the factory or placing the login screen in a manner that requires the additional entry of a few random characters in the uniform resource locator (URL) that is used to access the equipment.  REC states that EAS equipment manufacturers also own this issue and demands that manufacturers make these security patches in EAS equipment at no charge to at least small stations.

REC also opposed any changes at this time to current policy related to EAS outages from the current policy where the FCC field office is contacted if the EAS is expected to be out of service for more than 60 days.  REC states that issues with EAS are not always equipment but also receive antennas.  REC also cites the issues with the current State Emergency Communications Coordinator structure and the struggles that some rural stations have in receiving their monitoring assignments outlined in their state plans.  REC states that if reporting at less than 60 days is necessary, it should be done in a system that broadcasters are familiar with, such as LMS and not in systems unfamiliar to broadcasters, such as NORS, which is normally used for telephone service outage reporting. 

Reply comments in PS Docket 22-329 are due by January 23, 2023.

 

REC Essentials

  • FCC.TODAY
  • FCCdata.org
  • myLPFM Station Management
  • REC site map

The More You Know...

  • Unlicensed Broadcasting
  • Class D Stations for Alaska
  • Broadcasting in Japan
  • Our Jingles

Other REC sites

  • J1 Radio
  • REC Delmarva FM
  • Japan Earthquake Information
  • API for developers

But wait, there's more!

  • Join NFCB
  • Pacifica Network
  • LPFM Wiki
  • Report a bug with an REC system

Copyright © REC Networks - All Rights Reserved
EU cookie policy

Please show your support by using the Ko-Fi link at the bottom of the page. Thank you for supporting REC's efforts!