Hacking Hell


Dick Hobbs. TV-Bay Magazine
Read ezine online

There was a really scary story in the news a week or two ago. In the words of Yves Bigot, director-general of TV5 Monde, "we were a couple of hours from having the whole station gone for good".

What happened to this highly respected broadcaster was that malicious hackers set out to destroy the network's systems. That has to be an alarm call for all of us.

Back in April, the broadcaster had a big event in its headquarters, to celebrate the launch of a new channel. Politicians, industry leaders, and broadcasters from around the world came to drink champagne and wish the new channel well.

That evening Monsieur Bigot went to dinner with a friend from Radio Canada, but barely had the foie gras been served when his mobile went berserk, a flood of texts and calls telling him that all 12 channels had gone off air.

The one piece of good fortune was that, because of the channel launch, TV5 had a lot of engineers on site. By dint of good engineering practice they quickly identified the particular machine that was targeted. It was isolated and they could rebuild the station.

Almost nine hours after the attack started, one channel was back on air. The others followed during the day. Any longer and the loss of service, of revenue and of reputation would have killed the station.

According to the BBC's Gordon Corera, the attackers had carried out reconnaissance of TV5 Monde's systems, to understand the way it worked. They then built bespoke targeted malware to corrupt and destroy the internet-connected hardware, from the camera robotics to the encoders. There appeared to be seven different points of entry.

So this was very serious stuff indeed. It raises a lot of questions that may never be answered. Who paid the hackers to do it? And why TV5 Monde - just because vulnerabilities were identified? The UK security agencies, according to Corera, think it was an exercise to test cyber weaponry.

Whatever the cause, the effect was devastating. It took months before anything at TV5 could be put online: staff were reduced to communicating by fax machine. The top line cost of the attack has been put at 5 million euros.

So we should probably all learn some lessons from this. TV5 has, with advanced authentication procedures for emails from outside the company, and particularly outside France. Flash drives - which we all use intuitively to swap files - now have to be tested in isolated computers first, every time.

But how do you run a broadcast business today without relying on the internet, without relying on connected devices? The most obvious point of connectivity is the delivery of the programmes: broadcasters expect content to be delivered as files, and production companies do not want to spend time and money writing tapes.

There are plenty of secure, broadcast-specific services for delivering content, though, and the likes of Aspera, Aframe and Signiant can surely reassure users that nothing nasty is going to get delivered by them.

Weaknesses are much more likely to be in personal devices. This could be a problem because the ability to connect into the broadcast environment through any device is one of the benefits we are promised by the move to software-defined architectures.

The example often quoted is of a channel controller who commissions a suite of promos for a new programme. The editor goes off and puts a package together, then sends it to the commissioner for checking.

That could mean a message popping up on the channel controller's iPad, connected by wireless anywhere in the building, or maybe connected by 4G on the train home. The trailers are reviewed, comments added and returned to the editor. So now we have a device which could contain an unspecified range of apps, loaded by someone who is as non-technical as they come, talking directly to the asset and workflow management system running the entire station.

This is not an insurmountable problem. Other industries have been forced to face the BYOD challenge - bring your own device. In enterprises from retail to banking, staff insisted on ditching the corporate Blackberry because it made them look like a teenage girl. They wanted to use their iOS or Android device and connect it into the corporate network.

The solution was to turn the idea of security upside down. The traditional approach is to secure the device. With BYOD you have to accept that the device is insecure - everyone wants to load the latest Angry Birds style craze - and instead secure the corporate data.

It is a lot harder for the IT department, but it is possible and, as TV5 Monde discovered, it is absolutely vital. And given that many of the major systems running in your broadcast facility will have direct connections back to the vendor to enable updates and fault-finding, there are a lot of data paths to keep track of.

Finally, one good thing came of the attack at TV5 Monde: a renewed respect for the broadcast engineer. "We owe a lot to the engineer who unplugged that particular machine," said Monsieur Bigot. "He is a hero here."


Tags: iss119 | hacking | hackers | dick hobbs | Dick Hobbs.
Contributing Author Dick Hobbs.

Read this article in the tv-bay digital magazine
Article Copyright tv-bay limited. All trademarks recognised.
Reproduction of the content strictly prohibited without written consent.

Related Shows
  • Training for the future with ITTP: BVE Day 2

    Training for the future with ITTP: BVE Day 2


Articles
Digital Video Tech Innovation - The Game Changer for Live Sports
Lorna Garrett Since the first live television sports event in 1936, when the Olympics was broadcast from Berlin, the sports industry has been an early adopter of the latest technology. The goal continues to be to deliver compelling content around the globe, now to multiple viewing platforms. It’s become a must-have that’s embedded in fan expectations and broadcasters’ marketing strategies.
Tags: iss137 | garland | gpl | liveU | sports | lu600 | hevc | lu300-hevc | Lorna Garrett
Contributing Author Lorna Garrett Click to read or download PDF
Canon EOS C300 MkII Camera Review
Andy McKenzie Canon described the EOS C300 Mark II at its launch as 'a game-changer for creative film-making'. What interested me was whether the camera's impressive feature set, compact size and very aggressive price point matched the needs of the video production market.
Tags: iss137 | finepoint | c300 review | canon c300 | Andy McKenzie
Contributing Author Andy McKenzie Click to read or download PDF
Preparing for the holiday peak
Jamie Adkin The summer holiday getaway of 2018 hit the headlines for all the wrong reasons. A UK airport's non-functional departure boards left travellers unable to find their flights. Meanwhile, an airline cancelled over 2,000 flights due to a computer glitch. One European city closed its airspace entirely.
Tags: iss137 | adder | kvm | server | Jamie Adkin
Contributing Author Jamie Adkin Click to read or download PDF
IMF Adoption
Howard Twine The Interoperable Master Format isn’t new. It’s been around for more than six years. Despite this longevity, the broad adoption since the publication of SMPTE 2067 has been pretty slow. This is perhaps more because of the age old mantra “if it ain’t broke don’t fix it,” than the ease with which many could interpret the standard. However, it is safe to say that movie producers blazed a trail in using IMF for original content delivery. Perhaps the key is that those early adopters didn’t have any significant tape based infrastructure that had been modified for file-based working when receiving content. So, many longer established content distributors have the immense resources to create the vast array of versions required to address the ‘version issue.’ This being how do you get the same content to look good on the back of an aeroplane seat headrest or an iPhone in the back of car as well as a good old TV set. Over time these resources have been diminishing and many organisations recognise that they have to adopt workflow automation to survive.
Tags: iss137 | editshare | imf | standards | smpte 2067 | Howard Twine
Contributing Author Howard Twine Click to read or download PDF
What is the JT-NM Tested Program
Bruce Devlin - new The National Association of Broadcasters (NAB) Show 2019 has come and gone with the usual onslaught of product announcements, launch parties, demonstrations and the usual high-density crowds preventing any high-speed movement between halls. The IP showcase, this year, featured a JT-NM tested program. If you're unfamiliar with the JT-NM, then it's worth checking out their website jt-nm.org where you can find out about the work being done to coordinate the different aspects of building an inter-working ST 2110 eco-system. The JT-NM tested program catalogue can be downloaded from the website and it highlights a series of tests that were performed prior to NAB on various products to see how they performed against the written standards upon which the ST 2110 eco system is based.
Tags: iss137 | st2110 | class | jt-nm | nab | ieee | secuirty | amwa | Bruce Devlin - new
Contributing Author Bruce Devlin - new Click to read or download PDF