Following a high-profile hijacking incident at ESPN Houston 97.5 (KFNC), which prompted a formal warning from the FCC’s Public Safety & Homeland Security Bureau, Barix is addressing nearly a decade of cyberattacks linked to its unsecured IP audio devices.
The Swiss-based manufacturer acknowledged in an email to users Tuesday that the internet “has now become a high-risk environment where unsecured devices are easy targets,” after recent breaches exploited Barix Exstreamer equipment left exposed online with weak or default passwords. “Several radio transmitters were hijacked by unknown actors who injected inappropriate audio into the live program feed,” Barix said, adding that the incidents led directly to an FCC investigation and Public Notice.
“The message couldn’t be clearer – if you operate Barix devices with accessible web-based GUIs directly on the internet without robust network security, it’s time to reconsider,” the company warned. Barix cited its RetailPlayer platform as an example of integrated system-level protection and recommended broadcasters implement network safeguards for devices with browser interfaces.
Barix also directed customers to security guidance previously shared by CTO Johannes Rietschel and suggested StreamGuys’ Reflector service as a more secure STL solution.
The FCC’s November 26 advisory followed several hijackings dating back to 2016, including attacks on stations in Colorado, Nashville, and multiple LPFMs. The Bureau said “threat actors” have repeatedly accessed poorly secured studio-transmitter links (STLs), often through Barix equipment, to replace programming feeds with unauthorized audio and false Emergency Alert System tones.
While the Commission is not expected to fine affected stations, it urged all broadcasters — “especially those using Barix equipment” — to install current software patches, update firmware, replace default passwords with strong alternatives, and use firewalls or VPNs to restrict remote access. Stations were also advised to continuously monitor EAS equipment, audit access logs, and follow cybersecurity best practices outlined by the Communications Security, Reliability, and Interoperability Council.
“If you suspect that broadcast equipment has been subject to attempts at unauthorized access,” the FCC added, “contact the equipment manufacturer and/or a data security firm.”
In a separate development, Barix announced it will not exhibit at Integrated Systems Europe (ISE) 2026 in Barcelona, marking a shift away from traditional trade show investment. Instead, CEO Reto Brader will host private meetings with clients during the event, citing stronger ROI from North American shows and a preference for more personal engagement.
