Two regional radio station outages occurred after hackers infiltrated ESPN 97.5 and NPR’s Radio IQ studio-transmitter links, replacing scheduled programming with unauthorized audio. These radio station outages affected stations in Texas and Virginia, interrupting regular content and exposing listeners to fabricated emergency tones and other inappropriate material. Engineers and broadcast specialists are now reviewing how attackers gained access to these systems and how similar radio station outages can be prevented across the industry.
ESPN 97.5 in Houston was targeted during a live NFL game. The attack occurred while the station carried coverage of the Dallas Cowboys’ comeback win over the Philadelphia Eagles. Listeners reported hearing a loop of fake emergency alert tones, a song containing offensive language, and a message encouraging people to follow the attackers online. The station later confirmed that its signal had been compromised, resulting in radio station outages, and stated that its engineering team began working immediately to restore normal operations. The disruption prevented listeners from hearing part of the game, prompting the station to issue a public explanation and thank users who reported the irregular broadcast.
A similar disruption occurred days earlier at WVTF’s Radio IQ, an NPR affiliate serving the Richmond region. The station reported that a hacker had inserted an unauthorized audio loop into its backup feed, causing radio station outages. Radio IQ explained that its system automatically switches to a backup feed when sensors detect silence on the main audio line. During a period of dead air, the system activated the backup channel, which had already been tampered with. Engineers manually restored the primary feed and later began reviewing how the backup pathway was accessed.
Investigators Point to Weak Studio-Transmitter Link Security
The FCC later provided a technical explanation, noting that both incidents appear tied to a compromised studio-transmitter link, or STL, which contributed to the radio station outages. This link acts as the connection between a radio station’s central studio and its remote transmitters. When properly secured, the system sends real-time programming to broadcast towers. When misconfigured or left exposed to public networks, these links can be targeted by attackers who insert unauthorized content, creating radio station outages.
Officials pointed to improperly secured Barix equipment as a likely entry point. Barix devices are widely used for streaming audio between studio systems and transmission sites. In past intrusions, attackers gained access through devices that were left with default credentials or open network configurations. Once inside, they reconfigured equipment to receive attacker-controlled audio instead of the intended station programming, resulting in radio station outages. Recent incidents in California and Iowa, where stations KRLL and KPOG experienced similar issues, also involved Barix systems.
Broadcast engineers note that STL vulnerabilities are not new. Many stations adopted internet-connected audio transport hardware as a cost-effective alternative to older microwave-based systems. While the newer devices offer convenience, they require frequent updates, strong passwords, and secure network placement to prevent unauthorized access.
Radio Outages Raise Awareness of Infrastructure Risks
The recent hijackings highlight broader cybersecurity challenges facing broadcast media. Radio stations often operate with limited engineering staff, making it difficult to continuously monitor every piece of equipment across multiple sites. Backup systems, while essential for maintaining uptime, can open new pathways for intrusion if not routinely audited.
Engineers say that attackers often look for accessible systems that have been left unchanged since installation. Devices placed directly on public networks are especially vulnerable. Once attackers identify these access points, they can inject audio streams, mimic emergency alert tones, or interrupt programming for extended periods.
While the interrupted broadcasts caused frustration among listeners, the incidents also underscored an important operational issue: emergency alert signals can draw immediate attention due to their distinct tones and structure. Industry experts emphasize that false alert audio can cause confusion, even when it does not originate from official emergency channels.
Stations Review Safeguards After Disruptions
Following the incidents, both affected stations reported that they are strengthening their internal controls and reviewing how their systems fail over during periods of silence or outage. They also noted that no structural damage occurred, and broadcast services were quickly restored once engineers regained control of the audio feeds.
Technical teams across multiple regions are now examining their own infrastructure in response. Many are reviewing access logs, updating passwords on STL hardware, and verifying network isolation for audio transport devices to reduce the likelihood of radio station outages. Industry professionals expect more guidance on recommended configurations as security teams continue to analyze the data.
