The threats are real and growing but cybersecurity is a reality to be managed not a battle to be won
In today’s digitally disrupted market the traditional broadcasting industry is becoming exposed to cyber risks already well-known to born-on-the-internet companies.
Those risks are regulatory and adversarial, including threats of cyber crime through distributed denial of service (DDOS) attacks, hacking of personal information, ransomware, stealing of IP and the stealing and distribution of content resulting in financial loss.
In April a survey conducted on behalf of the UK Chamber of Commerce found that one fifth of UK companies both large and small had suffered cyber attacks.
As traditional companies embrace the data phenomenon and start to gather more and more information about their audiences they must also adhere to strict national and international data protection laws, including the European General Data Protection Regulation (GDPR) which comes into force in 2018.
C-Tech Series: Cyber Security Forum
At IBC2017, an invitation-only forum on Friday 15 September will examine what the cyber war means for broadcasters, how to anticipate the next threat and how to manage a breach. Click here for more information
Failure to adhere to GDPR could result in a fine of up to 5% of global revenues in the event of loss of personal data whether through malicious actions or through misadventure.
This adds to the existing cybercrime exposure which threatens broadcast content delivery through the degradation and destruction of broadcast signals.
CNA (computer network attacks) are a sophisticated cyber security threat designed to cripple the broadcaster by extracting content for criminal purposes.
Broadcast signal intrusion is the hijacking of radio, television stations, cable television, broadcast feeds and satellite signals.
Piracy, the theft and distribution of content prior to release is an illegal act well known to all content companies. Illegal streaming of content is also a huge risk to OTT companies such as Netflix and Amazon.
Solutions and policies
Security appliances, intrusion prevention and malware protection are deployed to keep attackers out.
Breach detection and forensics experts are needed to discover and mitigate cyber risks. But the idea of a perimeter and a castle keep is an old fashioned view of cyber security, according to the latest thinking.
Companies must instead plan for a breach and develop and deploy policies and procedures for discovery, mitigation, remediation and reporting particularly as reputational risk is huge in broadcasting.
“To keep that door closed, broadcasters need to do more than just adopt technical standards but must also revise their overall approach to security at a human and logistical level,” says Gerben Dierick, Chief Information Security Officer at VRT in Belgium.
The European Broadcasting Union (EBU) has declared that all broadcasters and their technology suppliers are to work together over cyber security and adopt the best available practises from the IT world.
From creation to consumption, media production networks as well as corporate IT and media storage locations need to be access-controlled in order to defend from intrusion.
The EBU R143 paper incorporates additional broadcast-specific features to take account of the vulnerabilities associated with production workflows and infrastructure being transferred to IT technologies.
The security recommendations can apply equally to the cloud as broadcasting continues to shift to an IP infrastructure. the media content becomes more central to all enterprises and the distinction between broadcasting and other online services will disappear.
Broadcast satellites are often at risk of cyber attacks.
According to the Straitstimes, Japan’s International Affairs and Communications Ministry will consider an operation to develop a new communication system to prevent satellites being exposed to cyber attacks.
The system features a dynamic encryption of data transfers using lasers and code generators from the satellites to their terrestrial sources making it difficult to decode data if intercepted by unauthorised parties. The project will involve the combination of government, industrial and academic institutions to develop a commercial system in the next 5 to 10 years.
Partnerships and guidelines
In September 2017 the UK’s Digital Production Partnership (DPP) and North American Broadcasters Association (NABA) published a paper on basic security requirements in documentation, testing and authentication.
DPP Chair and ITV Director of Broadcast Operations Helen Stevens said: “Protecting the viewer’s experience and the veracity of our output is the number one concern today.
“The growth in connected services and IP-driven production, as well as cloud platforms and applications, means that, as a modern broadcaster, our focus has to be on protecting our content from increasingly frequent cyber attacks.”
Common threats faced by broadcast companies
- Signal piracy: WIPO (World Intellectual Protocol Organisation) internet treaties that would outlaw the breaking of anti-piracy locks on digital signals such as encryption and ‘tagging’
- Data leakage: the collection and monetisation of an online publisher’s audience data by a third party without the publisher’s permission
- Piracy: As the TV show Game of Thrones is the most pirated show in history, simultaneous global broadcasting could be a solution to tackle TV piracy.
Over the last two years broadcasting companies have become victims of high profile attacks.
- On 23 April 2015, a hacker group claiming to support Islamic State (ISIS) attacked the French national television broadcaster TV5 Monde.
The result of the hack was the broadcasting of pro-ISIS material on the hijacked channel and the exposure of sensitive internal company information. It took over three hours for TV5 to regain control
- In April this year, security consultant Rafael Scheel, employed by Swiss cyber-security outfit Oneconsult, hacked into a Samsung TV as part of a demonstration.
In a presentation to the European Broadcasting Union (EBU), Scheel gave an introduction to IoT cyber securityby remotely taking over smart TVs. About 90% of the TVs sold in the last years are are thought to be susceptible to similar attacks.
Scheel was able to hijack the TV by adding malicious code to an over-the-air broadcast signal that triggered the TV’s web browser and allowed him to remotely control it via the internet.
- Internet infrastructure company Dyn was attacked by cyber hackers on 21 October 2016.
Users were unable to access to PayPal, Twitter and Spotify and dozens of websites were disrupted. The attack first targeted the eastern United States then spread throughout North America and Western Europe. Broadcast companies affected included CNN, HBO, Amazon, Yelp and the Wall Street Journal. In the aftermath, the FBI and Homeland Security were asked to investigate.
- Britain’s security services prevented a planned attack by hackers which targeted the UK TV broadcast sector, with BBC, ITV, Channel 4 and Sky the focus of the attack.
According to British security officials it was the same party that claimed responsibility for the attack on French international broadcaster TV5 Monde.