State of the Nation - part 1


Dick Hobbs - new TV-Bay Magazine
Read ezine online
i
Imagine you are the director of the Champions League Final, knowing that 200 million people will be watching your every decision. Or you're directing the Eurovision Song Contest. Or even, to be honest, the Tunbridge Wells local news opt out.

And at live minus 30 seconds, all the screens in the monitor wall suddenly go black then show a demand, in broken English, for 300 Bitcoin.

Scary. And exactly what happened across the UK National Health Service a few weeks ago. Patient records; operating lists; drug orders - all lost to the WannaCry virus.

Now imagine you are the ITV channel controller. It's Saturday evening, you have a fantastic schedule planned which is going to wipe the smiles off all the other competing channels. And then the playlist disappears from the machine controller, and the asset management system goes blank. You remain cool and calm, because you know that the disaster recovery site will be up in a second or two, and the main site will be rebuilt as soon as the power comes back.

If you were working for British Airways a few weeks back, then again you will actually know what this feels like. The official line, touted by Willie Walsh, CEO of parent company IAG, was, to put it simply, someone pulled the plug out then put it back in again.

"What caused the damage," he said, "was that power was restored in an uncontrolled, uncommanded fashion. There was no IT breach, there was no data loss, there was no data corruption."

Well, not entirely true. There was no data at all for many hours, and recovery took many days. No-one is saying why there was not an immediate failover to a disaster recovery site. The airline has two data centres, although they are relatively close together, east and west of Heathrow.

I am absolutely certain that no broadcast engineer reading this column would design a mission critical system without a hot standby site which can take over more or less instantly. Or design it without an uninterruptible power supply. Or locks on the doors to ensure that the power supply remains uninterruptible.

(There is a famous story of a data centre in another industry which had a diesel generator as back-up. Like good people they tested the system regularly and the generator started up perfectly every time. It was only when they had a real power cut that they discovered that the starter for the diesel was mains powered)

We are used to physical security. We are comfortable wearing passes around our necks and swiping in to restricted areas. It is just common sense. But IT security is new. The latest IABM broadcaster survey found that 75% see cybersecurity as a key issue for the future. And many of us simply do not understand the issues - and I am putting my hand up here.

Researchers at the University of Illinois Urbana-Champaign designed a simple experiment to demonstrate the problem. They dropped 297 USB sticks around the campus, each loaded with a little piece of software which reported back when it was online. 48% were picked up and plugged into a computer. Some within just a few minutes of being dropped.

This was just a demonstration, and the software on the stick was not malicious. But it is quite likely that this is exactly the route the WannaCry virus entered the NHS network: someone plugged some unauthorised storage into a networked computer. Does your office have a policy on quarantining USB sticks and disk drives?

Take that thought forward to the future, software-defined, IP-connected media architecture. Now we are not just plugging in random USB sticks, we are actively encouraging software from multiple vendors to automatically log on to the network, authenticate themselves, and handle vital data safely.

Many - perhaps all - of those software vendors will allow their software to "phone home" to check licenses. They will dial in to their software to allow remote diagnostics and fault-finding. There may be automated updates. A lot of uncontrolled connectivity, in other words.

The EBU published a recommendation on cyber-security, R 143, last year. You can read its checklists online. IBC this year features a top-level (CTO invitation only) conference on cyber-security.

In light of this, I asked a couple of the big names what they thought about the issue. Phil Myers of SAM told me "Protection is provided at two levels within the system. At the device level, a 'hardened' secure realtime operating system is implemented to provide isolation protection of all aspects of the device, including the file system and network stack."

Steve Reynolds, CTO of Imagine Communications, expanded on this idea. "The best practice for media companies is the segmentation of networks into zones of increasing trust. In general, critical control systems should be positioned inside isolated media networks, independent logically - and physically if possible - from broad corporate networks."

This is a new buzzword for me. We need to be designing "zones of increasing trust".

"At the COTS network switch level, industry standard protocols can be implemented to secure the network," according to SAM's Myers. He mentioned whitelists of valid addresses, which can be used to control the flow of data in and out of a network.

Imagine's Steve Reynolds agreed, continuing "The logically isolated media network zone can then be further segmented into streaming media flows, automation and control traffic, and file-based workflows, depending on the overall system requirements.

"If you secure operations and have trust elements built into the system, then you can stop an intruder doing anything with the content," he added. "You can never guarantee that something bad will not happen, of course, but it does mean that hackers cannot go to air on your back."

Haroon Meer of Thinkst Applied Research, though, told a recent summit in Qatar that attacks against media organisations become inevitable as the industry becomes more connected.

"Broadcast is at the centre of an almost perfect storm," he said. "It didn't used to matter if you weren't secure because you weren't exposed. You had an unlocked house but it was in a very safe neighbourhood.

"Recently, with convergence and IP, your house is moving into a much worse neighbourhood," he explained. "Breaches will happen. The important question is how you respond."

One suggestion is that you move your operations to someone else's house: put it in the cloud. The general feeling is that the big names in cloud are probably the world authorities in cyber-security, because it is at the core of their business. "There are thousands of people at Google, AWS, Microsoft and the rest with 'security' on their business cards," according to Steve Reynolds.

Keeping your content and your operations secure in the connected world from those who would do you harm is an urgent priority. Clearly, though, it takes money and resources. And the bigger the name, the bigger the reputational damage at risk.

Willem Vermost of the EBU asked "How are broadcasters going to compete in the modern world? Security could be a real block on future developments." Brad Gilmer of AMWA added "business requirements like flexibility and shareability might be conflicting with security, which always has to be the top priority."

And, as Thomas Edwards of Fox so memorably put it, "no-one's ever been hacked over SDI".


Tags: iss126 | iabm | british airways | ransom | bitcoin | cybersecurity | cots | Dick Hobbs - new
Contributing Author Dick Hobbs - new

Read this article in the tv-bay digital magazine
Article Copyright tv-bay limited. All trademarks recognised.
Reproduction of the content strictly prohibited without written consent.

Related Interviews
  • IABM at IBC 2012

    IABM at IBC 2012

  • Quantel at IBC2011

    Quantel at IBC2011


Articles
Peli Air 1507 Review
Phil Vinter Originally named after a bird that carries its precious cargo through the skies, it was, perhaps, only a matter of time before Peli released its Air range.
Tags: iss133 | peli | peli air 1507 | trekpak | Phil Vinter
Contributing Author Phil Vinter Click to read or download PDF
Fast-moving productions need multi-cam RF reliability
Darren Bilton Wireless acquisition creates a level of freedom not possible with any other form of filming yet only a decade ago the technique was barely possible. The technology enabling live real-time connections over radio frequencies has advanced leaps and bounds such that there is barely an entertainment, documentary, sports or news format today that doesn’t benefit from at least one link system. That means the demands on the kit continues to rise and includes the need for fail safe multi-camera operation, ease of use and backwards compatibility all within a small, lightweight and budget-friendly package.
Tags: iss133 | boxx tv | wireless | mpeg-4 | multicam | rf | multi-cam | Darren Bilton
Contributing Author Darren Bilton Click to read or download PDF
DJI Ronin-S Review
Tim Bearder

If you read my review of the GH5 in Issue 129 at the beginning of the year, you know I’m a filmmaker that is all about small form factor. My basic setup combines the tiny yet powerful mirrorless Panasonic GH5 with the wonderfully compact Sennheiser AVX wireless mic system. Together you’ve got a run and gun set up to die for.

Unless you actually run!

Tags: iss 133 | dji | ronin-s | gh5 | Tim Bearder
Contributing Author Tim Bearder Click to read or download PDF
The Biggest Toy Shop in the World
Emma Morrison When Nigel Woodford started his career at BBC Wood Norton in 1962, television was black and white and BBC Two had not yet been launched. In 2018 Nigel will retire, and Richmond Film Services, the pro-audio equipment rental company set up by Nigel in 1973, can count numerous contributions to iconic moments in British cultural, sporting and film history over this time.
Tags: iss133 | richmond film services | audio rental | auction | liquidity | go-dove | Emma Morrison
Contributing Author Emma Morrison Click to read or download PDF
Perimeter LED screens management
Nicolas Houel Opened in January 2016, Parc Olympique Lyonnais, also known as Groupama Stadium, is the new home of Olympique Lyonnais football club, one of the most popular clubs in France. Since its inauguration, the stadium was a host of UEFA Euro 2016, and was also chosen to stage, among other important events, the 2018 UEFA Europa League Final and football at the 2024 Summer Olympics.
Tags: iss133 | 3dstorm | graphics | groupama stadium | liveexpert | livecg | deltacast | Nicolas Houel
Contributing Author Nicolas Houel Click to read or download PDF