Public service broadcasters are increasingly targeted by malicious cybercrime as they employ cloud-based workflows to manage valuable content assets. Alana Foster speaks to industry experts on the importance of prioritising cyber security.


Cyber security: Still a prevailing threat for PSBs

Public service broadcasters (PSBs) must secure assets to safeguard for the future. That was the warning from experts who spoke to IBC365 on the topic of public service cyber security.

Restreaming, password sharing, and theft of data are some of the major problems facing PSBs today. While platform owners and production studios often feature in the headlines, PSBs also need to proceed with caution.

Channel 4 chief information security officer Brian Brackenborough tells IBC365 that the UK broadcaster is “conscious there is cyber-interest in Channel 4’s offerings” particularly as it plays a vital role as a news, education and entertainment provider within society.

“We haven’t seen a specific increase in threats at this time, but we have increased our monitoring activities and reviewed our incident management processes,” he adds. “It is essential that we provide a secure environment for our staff to be able to carry out their daily activities.”

A report published by Digital TV Research claimed cost of piracy from online streaming is forecast to reach $52 billion by 2022 with viewers in the US, Russian Federation, Brazil, India and the UK found to be the most prolific consumers of illegal pirated content.

Some 50% of site visits pirate sites were for TV-oriented content, while 20% of illegal consumption was on the latest film releases.

Channel 4 on demand

Channel 4: Increases its monitoring activities to address cyber security threat

Comprehensive control
Brackenborough acknowledges: “It’s not going away. Cybersecurity will always be an area of strong focus for us, but I hope that it increasingly becomes second nature, and something that is exercised by our teams as a daily part of life.”

He explains that Channel 4’s online video offerings have “always incorporated strong content protection and sophisticated measures to prevent compromises to the service”. However, the introduction of new technologies can add an extra layer of risk for the broadcaster and a possibility for penetration from those looking to cause a breach or attack.

“As the world changes, the way we secure systems and information must change with it,” he continues. “We perform security functions today that wouldn’t have been necessary, or possible, 10 years ago, and we continue to evolve all the time. It’s like painting the Forth bridge.”

The protection of its users data is critical as is harnessing the possible security measures to control assets of the business.

Brackenborough adds: “We engage with a number of best of breed security providers to help us deliver a robust and comprehensive cyber capability.”

CISO Channel 4

Brian Brackenborough: Channel 4’s chief information security officer

Broadcast security specialist and co-founder of Connect Devices Ltd Jonathan Marshall explained that broadcasters and service providers are becoming increasingly targeted by hackers who can disrupt business, steal assets, interrupt live playout and hold organisations to ransom.

He says: “How effective are PSBs as trusted authorities if they breach the audience trust?”

Marshall, who has worked in previous roles at BBC R&D and later in commercial innovation, played a key role in the invention and dissemination of interactive technologies including the BBC Red Button and hybrid TV and its integration of programming with social networks.

He co-founded Connect Devices with Callum Wilson, whose background is in technology security within the finance sector. The two aimed to create and develop a firm which specialises in innovative internet security technologies capable of protecting individuals and corporations. They have worked within the UK broadcasting regulatory sector for the last five years.

Marshall says lessons from the finance sector are important for broadcasters now more than ever, pointing to the BBC having moved from on-premise to off-prem, while PSBs and media companies migrate to the cloud with more media and systems open to the breaches.

BBC declined to comment on its cyber security practices and protections.

Wilson explains the multifaceted impact on PSBs from “a heavily stress out security team” to a deep threat on the organisation’s “content proposition and reputation” and even the financial impact of ransom.

“If a broadcaster publishes something that can be deemed as a threat and or politically motivated, those people want to get their name out there from hacking perspective to make money.”

The ability for hackers to use technology to scam users - from phishing to scabbing - and overlay content are the two main threats Wilson points to for PSBs to be cautious of, with some criminals uncanny in their ability to duplicate the original.

Wilson explains: “SaaS and platform providers and generally pretty secure but there have been plenty of cases with Amazon and Microsoft,” he adds whilst they’re “not inherently insecure they have had a sheer number of data losses because they have not been set up properly.”

Isolating the contagion
For PSBs, the amount of pressure to control cybercrime is unprecedented.

Wilson says: “Isolation and segregation, whilst they’re being spoken about a lot in the news today across the world health requirements, the same should be applied for internet safety and security particularly among operational broadcasters.”

Contagion of cyber breaches is high with hackers entering an email system to fast track entry into a broadcast system. However isolation of networks and systems can eradicate these issues whilst they’re being monitored.”

He adds: “This is something the broadcast industry has to do a lot more – monitor it and criticise testing – there is not enough testing going on within the big enterprise systems in a PSBs.

“Organisations need to continually monitor it and be able to say with evidence if it is safe or not. A lot of organisation are not monitoring their assets with sophistication.”

An example is the TV5Monde attack from April 2015 where the broadcaster fell victim to a malicious targeted software attack. However, Wilson explains the broadcaster was broken into long before it was detected.

He says: “If broadcasters detect quickly and have a good security operations team that get a hint of a situation, they can take preventive measures.

“This is something that the public sector needs to invest in a lot more - from traditional technology and frameworks into internet and IP streaming - they have to be more switched on.”

He told IBC365 he has witnessed first hand hackers attack unsecured resources and assets in the cloud – after only minutes in the live environment.

Marshall adds that often automatic bots are looking for opportunities to enter unsecured networks and that PSBs are not being attacked directly but the bots are looking for anything open from default passwords to low security controls.

He says: “Cyber attacks are on the rise because more systems are put up without security.

“PSBs are not necessarily targeted but once the bots get in, they’re in. The attackers got in TV5Monde for several months before launching, they worked out how to coordinate a sophisticated attack after the initial breach.”

PSBs underbelly
A breach for a broadcaster could mean audience trust is lost and eroded over time.

Wilson says cyber security is “always going to be more relevant over the next five years” and expects it to be a cat and mouse game the entire way.

“Broadcasters will now be forced to adopt newer technology, enhance mobile apps and direct content to consumer and whilst they’re doing that move into a pretty intense security management strategy implementation,” Marshall says.

The pair explains how the criminal ecosystem works, whilst raising caution to PSBs and urging the tighter adoption of security measures. They explain that whilst a PSB can be targeted in a well-funded attack, the more common breaches are those looking to find a break in route and exploit to someone else in the criminal underground interestied in continuing the break in as a form of monetisation.

Ebu building credit ebu

EBU: Brings together broadcasters to learn from each others security issues

Source: EBU

France TV chief information security office David Garcia tells IBC365: “FTV is targeted as well as other companies, so cybersecurity is very important.

“We are engaged with several organisations and we participate actively to the Media Cyber Security group of the EBU.”

The Media Cyber Security group started by the EBU acknowledges that once a broadcaster is targeted and counter measures are in place, the sensitivity of security issues means other broadcasters could fail to benefit from lessons they learn.

Those participating in the group include: BBC, FT, NPO, ORF, RTÉ, RTBF, RAI, SSR, SVT, RTVE, TV2, VRT, WDR, YLE, ZDF.

Garcia explains that, in-line with other broadcasters, FTV have put in place responsible measures: “The threat is at the same level to online content than it is for any kind of business that is online. We apply the same kind of security controls than any other business.”

The organisation has changed some of its business practices in a move to mitigate the risk of cyber-attacks.

He says: “The procurement process now also includes cybersecurity assessment of providers.”

Cyber security self-assessment
While PSBs are aware of the risks and challenges cyber breaches may pose, organisations are imploring executive to not overlook factoring aside budget and resources to control and manage cyber security.

In the UK, the DPP launched a cyber security programme in September 2017 to enable broadcasters and their suppliers to self-assess against a number of key security criteria.

The DPP Committed to Security programme is a broadcast-facing cyber security checklist developed with the North American Broadcasters Association that contains 20 requirements to allow suppliers to document their progress in the field of security to broadcasters.

DPP programme delivery manager Abdul Hakim explains: “The programme was spearheaded by a range of senior technology leaders from the broadcast and media industry, including the UK PSBs. It was designed to help media technology service providers and suppliers demonstrate how they were working towards improving the maturity of their cyber security.”

The programme has been endorsed by the National Cyber Security Centre (NCSC), and some broadcasters have incorporated it into their internal supplier selection processes.

He says: “Many of the major suppliers in the industry are now mark holders, and renewal rates are high, with many companies now into their third year of renewal. There are currently 42 active mark holders, although over 50 companies have been awarded the marks since the programme began.”

In 2019, according to the UK Department for Digital, Culture, Media and Sport (DCMS) report on Cyber Security Breaches Survey 2019, 32% of businesses and 22% of charities surveyed identified a breach or attack in the last 12 months.

The report highlighted the magnitude of cyber attached persistently remaining a threat to organisations, which has been a consistent trend since 2017.

The DPP responded to the industry movement and an audit programme was launched in April 2019, while a panel of cyber security specialists for the DPP are reviewing the checklist.

Uniting globally for controlled security
Piracy of creative content such as films puts at risk the livelihoods of those who work hard to create the content that consumers enjoy.

Speaking to IBC365 the Alliance for Creativity and Entertainment (ACE) executive vice president and chief of global content protection Jan van Voorn explains: “When people choose to make illegal content available for people to access, this has a direct, detrimental impact on an industry that they love and that is a vital contributor to economies around the world.

“The Motion Picture Association and the ACE are protecting content around the world by investigating illegal services and using a range of tactics to mitigate content theft and illegal distribution.”

The global coalition dedicated to protecting the dynamic legal market for creative content and reducing online piracy has worldwide members including: Amazon, AMC Networks, BBC Worldwide, Bell Canada and Bell Media, Canal+ Group, CBS Corporation, Constantin Film, Foxtel, Grupo Globo, HBO, Hulu, Lionsgate, Metro-Goldwyn-Mayer (MGM), Millennium Media, NBC Universal, Netflix, Paramount Pictures, SF Studios, Sky, Sony Pictures Entertainment, Star India, Studio Babelsberg, STX Entertainment, Telemundo, Televisa, Twentieth Century Fox, Univision Communications Inc., Village Roadshow, Walt Disney Studios Motion Pictures, and Warner Bros. Entertainment Inc.

He adds: “At the same time, there is now a wide range of legal websites offering safe and legitimate access to films, music, books and games. It is hard for these websites to compete on a level playing field with illegal sites.

“It is vital that we take steps to protect our film, television, music, sport, publishing and gaming sectors, all of which are important contributors to the economy and support jobs all around the world.”