State of the Nation - part 1


Dick Hobbs - new TV-Bay Magazine
Read ezine online
i
Imagine you are the director of the Champions League Final, knowing that 200 million people will be watching your every decision. Or you're directing the Eurovision Song Contest. Or even, to be honest, the Tunbridge Wells local news opt out.

And at live minus 30 seconds, all the screens in the monitor wall suddenly go black then show a demand, in broken English, for 300 Bitcoin.

Scary. And exactly what happened across the UK National Health Service a few weeks ago. Patient records; operating lists; drug orders - all lost to the WannaCry virus.

Now imagine you are the ITV channel controller. It's Saturday evening, you have a fantastic schedule planned which is going to wipe the smiles off all the other competing channels. And then the playlist disappears from the machine controller, and the asset management system goes blank. You remain cool and calm, because you know that the disaster recovery site will be up in a second or two, and the main site will be rebuilt as soon as the power comes back.

If you were working for British Airways a few weeks back, then again you will actually know what this feels like. The official line, touted by Willie Walsh, CEO of parent company IAG, was, to put it simply, someone pulled the plug out then put it back in again.

"What caused the damage," he said, "was that power was restored in an uncontrolled, uncommanded fashion. There was no IT breach, there was no data loss, there was no data corruption."

Well, not entirely true. There was no data at all for many hours, and recovery took many days. No-one is saying why there was not an immediate failover to a disaster recovery site. The airline has two data centres, although they are relatively close together, east and west of Heathrow.

I am absolutely certain that no broadcast engineer reading this column would design a mission critical system without a hot standby site which can take over more or less instantly. Or design it without an uninterruptible power supply. Or locks on the doors to ensure that the power supply remains uninterruptible.

(There is a famous story of a data centre in another industry which had a diesel generator as back-up. Like good people they tested the system regularly and the generator started up perfectly every time. It was only when they had a real power cut that they discovered that the starter for the diesel was mains powered)

We are used to physical security. We are comfortable wearing passes around our necks and swiping in to restricted areas. It is just common sense. But IT security is new. The latest IABM broadcaster survey found that 75% see cybersecurity as a key issue for the future. And many of us simply do not understand the issues - and I am putting my hand up here.

Researchers at the University of Illinois Urbana-Champaign designed a simple experiment to demonstrate the problem. They dropped 297 USB sticks around the campus, each loaded with a little piece of software which reported back when it was online. 48% were picked up and plugged into a computer. Some within just a few minutes of being dropped.

This was just a demonstration, and the software on the stick was not malicious. But it is quite likely that this is exactly the route the WannaCry virus entered the NHS network: someone plugged some unauthorised storage into a networked computer. Does your office have a policy on quarantining USB sticks and disk drives?

Take that thought forward to the future, software-defined, IP-connected media architecture. Now we are not just plugging in random USB sticks, we are actively encouraging software from multiple vendors to automatically log on to the network, authenticate themselves, and handle vital data safely.

Many - perhaps all - of those software vendors will allow their software to "phone home" to check licenses. They will dial in to their software to allow remote diagnostics and fault-finding. There may be automated updates. A lot of uncontrolled connectivity, in other words.

The EBU published a recommendation on cyber-security, R 143, last year. You can read its checklists online. IBC this year features a top-level (CTO invitation only) conference on cyber-security.

In light of this, I asked a couple of the big names what they thought about the issue. Phil Myers of SAM told me "Protection is provided at two levels within the system. At the device level, a 'hardened' secure realtime operating system is implemented to provide isolation protection of all aspects of the device, including the file system and network stack."

Steve Reynolds, CTO of Imagine Communications, expanded on this idea. "The best practice for media companies is the segmentation of networks into zones of increasing trust. In general, critical control systems should be positioned inside isolated media networks, independent logically - and physically if possible - from broad corporate networks."

This is a new buzzword for me. We need to be designing "zones of increasing trust".

"At the COTS network switch level, industry standard protocols can be implemented to secure the network," according to SAM's Myers. He mentioned whitelists of valid addresses, which can be used to control the flow of data in and out of a network.

Imagine's Steve Reynolds agreed, continuing "The logically isolated media network zone can then be further segmented into streaming media flows, automation and control traffic, and file-based workflows, depending on the overall system requirements.

"If you secure operations and have trust elements built into the system, then you can stop an intruder doing anything with the content," he added. "You can never guarantee that something bad will not happen, of course, but it does mean that hackers cannot go to air on your back."

Haroon Meer of Thinkst Applied Research, though, told a recent summit in Qatar that attacks against media organisations become inevitable as the industry becomes more connected.

"Broadcast is at the centre of an almost perfect storm," he said. "It didn't used to matter if you weren't secure because you weren't exposed. You had an unlocked house but it was in a very safe neighbourhood.

"Recently, with convergence and IP, your house is moving into a much worse neighbourhood," he explained. "Breaches will happen. The important question is how you respond."

One suggestion is that you move your operations to someone else's house: put it in the cloud. The general feeling is that the big names in cloud are probably the world authorities in cyber-security, because it is at the core of their business. "There are thousands of people at Google, AWS, Microsoft and the rest with 'security' on their business cards," according to Steve Reynolds.

Keeping your content and your operations secure in the connected world from those who would do you harm is an urgent priority. Clearly, though, it takes money and resources. And the bigger the name, the bigger the reputational damage at risk.

Willem Vermost of the EBU asked "How are broadcasters going to compete in the modern world? Security could be a real block on future developments." Brad Gilmer of AMWA added "business requirements like flexibility and shareability might be conflicting with security, which always has to be the top priority."

And, as Thomas Edwards of Fox so memorably put it, "no-one's ever been hacked over SDI".


Tags: iss126 | iabm | british airways | ransom | bitcoin | cybersecurity | cots | Dick Hobbs - new
Contributing Author Dick Hobbs - new

Read this article in the tv-bay digital magazine
Article Copyright tv-bay limited. All trademarks recognised.
Reproduction of the content strictly prohibited without written consent.

Related Interviews
  • IABM at IBC 2012

    IABM at IBC 2012

  • Quantel at IBC2011

    Quantel at IBC2011


Articles
Using Wireless Transmission
Jeremy Benning Wireless acquisition is a staple of live sports, entertainment and reality shows where cable free capture permits shots not previously possible, for health and safety reasons, and gives the camera-operator greater artistic licence to roam. The same is increasingly true of narrative drama where cinematographers are keen to work handheld or Steadicam where that helps tell the story. Any equipment which frees their movement and time by being lighter, easier to use and reliable in performance is going to tick a lot of boxes.
Tags: iss134 | wireless | 4k | transmission | Jeremy Benning
Contributing Author Jeremy Benning Click to read or download PDF
Giving Welsh sport a global audience
Adam Amor From the Ospreys Rugby Union team, to the Football Association of Wales, as well as national cycling, swimming and boxing coverage, Port Talbot based Buffoon Film and Media has been heavily involved in putting Welsh sports on the world stage.
Tags: iss134 | blackmagic | atem | buffoon | micro studio camera | Adam Amor
Contributing Author Adam Amor Click to read or download PDF
Shedding Light on the Blackmagic Pocket Cinema Camera 4k BMCPP4K
Garth de Bruno Austin “What is it about light that has us craving it?” Is the question asked in the opening seconds of Garth de Bruno Austin’s latest short, The Colour of Light. Exploring this natural, human need as well as our innate desire to control it, Garth’s film showcases everyday people going about their lives in differing degrees of luminance, whether that be an artificial streetlight or a natural morning sunrise.
Tags: iss134 | blackmagic | cinema camera | 4k | cpp4k | Garth de Bruno Austin
Contributing Author Garth de Bruno Austin Click to read or download PDF
The brave new world of software based production
Boromy Ung In today’s rapidly evolving broadcast industry, the only constant media organizations can truly count on is change — and the need to adapt as rapidly and cost-effectively as possible. One of the biggest agents of change is the IP revolution, driving broadcasters to migrate their operations to all-software solutions running on commodity, IT-based technologies.
Tags: iss134 | chyronhego | graphics | sports | ott | Boromy Ung
Contributing Author Boromy Ung Click to read or download PDF
Protecting the continuity of transmission
Lorna Garrett Your viewers love you. You consistently bring them their preferred channels 24/7. They’ve come to rely on you for their viewing pleasure. They never miss cheering on their beloved sports teams. They’re the envy of their friends as they watch live concerts of their favourite bands. They gather the family around and catch up on their must-see shows. They don’t have a bad word to say about you.
Tags: iss134 | garland | gpl | streaming | artel | disaster recovery | Lorna Garrett
Contributing Author Lorna Garrett Click to read or download PDF