Cyber crime has existed in one form or another for decades, but the threat has never been so potent, says Arqiva’s Denis Onuoha.
With attackers now coming from far and wide, and with varying intents, organisations across the world are at risk of attack and the consequences can be devastating.
Companies in the broadcast sector might not be the first targets you’d think of in comparison, say, to the financial services, but they are by no means immune to this potential onslaught.
In fact, a heavy reliance on sophisticated technologies and the power held by television and radio businesses make them ever more susceptible to attack.
The broadcast industry is at a stage where it is moving to cloud-based and IP systems and embracing other forms of disruptive technology.
This adoption has brought with it security vulnerabilities that simply didn’t exist previously. One need look no further than the attacks against TV5 and Sony.
In April, streaming giant Netflix fell victim to a hacking collective known as ‘The Dark Overlord’ (TDO), which released 10 of the 13 episodes of season five of Orange is the New Black after Netflix refused to pay the demanded ransom.
Reports said TDO threatened that Fox, IFC, National Geographic and ABC are next.
So with cases like these emerging, the burning question is: “What can we do to secure ourselves in the current cyber landscape?”
The first step
The answer to this question is a fairly lengthy one as the process that ensues is multi-dimensional.
As with all journeys, however, we must begin somewhere. And in this case it is with collaboration.
In theory this should be one of the easiest steps to take; in practice, however, encouraging collaboration between broadcast industry players isn’t straightforward.
It not only requires trust, often between competing organisations who may not want to openly share information, but could also invoke commercial implications that add to such reticence.
Unfortunately, our adversaries face no such issues and are already collaborating on the dark web. There exists much evidence for this as numerous investigations have shown that information sharing and auctioning of Zero Day vulnerabilities are rife.
To ensure our sector’s security is able to withstand coordinated attacks, our defence has to be as coordinated as, if not more coordinated than, the attacks of our adversaries.
In order to learn from the attacks being perpetrated against our industry, we must be able to speak about them, and this must happen sooner rather than later.
To date, there has been a veil of secrecy around cyber security that is hindering the industry’s attempts at collaboration. It is not difficult to see why such a thing exists.
Hacking cases, especially those in which big-name brands are the victim, are frequently given pages of coverage in both trade and national media thanks to their potential impact on consumers.
Such stories can cause panic and severe reputational damage.
Just look at TalkTalk. The telecoms firm lost more than 100,000 customers after a high-profile breach in October 2015. It saw its share value fall by one third in just 48 hours. [TalkTalk was issued with a £400,000 fine by the Information Commissioner’s Office in October 2016]
With such a high level of media interest, this could happen to almost anyone unlucky enough to fall victim to a similar attack.
Few want to talk openly about breaches when they happen, or the security policies in place (or not as the case may be) to prevent them.
Too often investigations may focus not on what went wrong, but rather on who made the crucial mistakes.
While a sense of accountability and responsibility are crucial parts of cyber security, if employees believe they’ll be subject to finger-pointing they will be unlikely to talk openly about threats and mistakes.
Are companies too focused on avoiding reputational damage among peers and consumers to do the right thing when a threat is suspected? Or worse, when an attack happens?
The good news is that some progress is being made by existing initiatives throughout the world. The NAB, EBU, DPP, NABA, IABM and AIB are working together on cyber security, with a focus on tackling the various issues that affect the industry and collaborating on a number of standards.
The AIB has also established a cyber security working group. 2017 will see the associations collaborating further to deliver on the foundation work already underway.
While this work is ongoing at the upper levels of the industry, it is still important for individual organisations to make use of their networks and explore the various mechanisms for sharing information in their countries.
No matter your size, you are a target
In the United Kingdom, there is the cyber information sharing partnership which is hosted by the National Cyber Security Centre.
This is a safe environment where information can be shared, anonymously if required. It also has the support of the NCSC fusion cell sitting behind it to investigate the matter further and potentially distill the information without identifying the source.
The US-CERT (Computer Emergency Response Team) also has a reporting mechanism in place and shares the information with relevant interested parties.
On the global front, the various CERTs do collaborate and share information amongst themselves and this is slowly improving. However, there is still extensive work that needs to be carried out in this area.
While there won’t be a one-size-fits-all approach that will suit the whole industry, the broadcasting community must start working more closely together and collaborating with vendors to ensure we operate in a secure eco-system.
Developing a cyber-strategy strong enough to withstand the security threats facing each and every one of us is as much about celebrating our successes as learning from our mistakes.
After all, no matter your size, you are a target. But when working as part of a larger collective, we are at our most powerful.
Up to this point, the attackers have had a head start.
Now, we must ensure that, as we embrace new and disruptive technology, cyber security is a key consideration in all of the decisions we make. Together.
- Denis Onuoha is Chief Information Security Officer at Arqiva. He will speak at IBC2017 in the Business Transformation - Efficient and Profitable Operations session
The views expressed are those of the author