FCC Adopts EAS Cybersecurity, Modernization Rules

RADIO ONLINE | Thursday, June 25, 2026 | 2:32pm CT

Federal Communications Commission (FCC)

The Federal Communications Commission has adopted new rules aimed at strengthening the cybersecurity of the nation's Emergency Alert System (EAS) while launching a broader effort to modernize both EAS and Wireless Emergency Alerts (WEA).

Approved Thursday, the Report and Order requires EAS participants to implement stronger password practices, promptly test and install manufacturer-issued security patches, and use network firewalls or comparable security measures to better protect alerting equipment from cyberattacks.

The Commission also adopted a Further Notice of Proposed Rulemaking seeking comment on additional improvements designed to make EAS and WEA more secure, reliable and effective. Among the proposals are requiring authentication for all emergency alerts before transmission, establishing a universal alert identification number to prevent duplicate alerts, improving the geographic accuracy of wireless alerts by eliminating outdated geotargeting exceptions, and adding emergency-specific symbols to EAS and WEA messages.

The FCC is also proposing to modernize alerting technology by permitting software-based EAS implementations as an alternative to dedicated hardware and eliminating the legacy 90-character limit for Wireless Emergency Alert messages.

FCC Chairman Brendan Carr said the new cybersecurity requirements address vulnerabilities that have been exploited in past attacks, including the widely publicized 2013 false "zombie apocalypse" emergency alert that resulted from compromised equipment protected by default passwords.

"Today's item builds on our prior work by taking commonsense steps to strengthen the cybersecurity of our emergency alert systems," Carr said. "Requiring stronger password practices, timely software updates, and improved security controls will help reduce opportunities for bad actors to exploit weaknesses in alerting equipment."

The National Association of Broadcasters praised the Commission's action. NAB President and CEO Curtis LeGeyt said the organization supports both the new cybersecurity safeguards and the proposal to allow software-based EAS alert processing.

"Local radio and television stations play a vital role in delivering trusted emergency information to communities when it matters most," LeGeyt said. "By allowing broadcasters to deploy security updates more quickly, reduce equipment downtime and strengthen system redundancy, this proposal can help ensure stations are better positioned to deliver critical emergency information when communities need it most."

Commissioner Olivia Trusty also backed the action, calling secure and reliable emergency alerting systems essential as communities increasingly rely on timely warnings during wildfires, tornadoes, hurricanes and other disasters. She said the proposal will help modernize the nation's alerting infrastructure while protecting it against evolving cybersecurity threats.