FEED Issue 25

27 SECURITY FOCUS Cyber Threats

are consumerised, it gives hackers access to easy reverse engineering to find holes,” explains Onuoha.


technology world. You’ve had that interplay for years in other sectors, but broadcast is starting to feel it more now.” Onuoha points out that vendors like encoder manufacturers are often reluctant to put antivirus software or other countermeasures in their products, because it could slow them down and video needs real-time processing and the lowest latency possible. The proliferation of COTS technology and public cloud introduce their own complications. “There are obviously different models of cloud, but in the case of public cloud, like AWS, Azure, everyone can connect to it. So let’s look at, for example, a denial of service attack. If you wanted to impact the more ‘traditional’ broadcast infrastructure, such as digital TV or satellite, some form of physical intervention the technical know-how. “But with something like an on-demand streaming player, all you need to do is send that player a lot of requests. And now with the dark web, you can hire compromised machines – we call them bots – and you just overwhelm the service.” BBC iPlayer suffered some DDoS (distributed denial of service) attacks in 2015. And it was a surprise – DDoS attacks had previously been thought of as a traditional IT hack, not something employed against media companies. “Broadcasters now have mitigations in place for such DDoS attacks. Previously, too, there was a high barrier to entry. Encoders used to cost a lot of money. But now that you have so many platforms that is required, such as signal jamming or interference, which is expensive and you need

When people think about cybersecurity, the first threat that often leaps to mind first is content theft and piracy, but although it

is a financial drain on content owners, it doesn’t constitute the existential threat that other attacks can. “Concern about content theft is still valid, but where broadcasters should be worried is around mass attacks that can affect availability

– if you’re streaming a live event, you need it to be available at that time. The other vulnerability is integrity, with the threat of hackers swapping in a different feed.” Onuoha paints the scenario of a deep fake video, with a fake news studio being able to significantly damage a news broadcaster’s reputation and cause potential panic and financial loss. “Imagine news station XYX broadcasts that a FTSE 100 company is about to go bankrupt and that’s live on a trusted channel with the presenter looking the same as the one you’re used to and it has the same ticker, too. People are going to start dumping shares,” warns Onuoha. The security of the data harvested from viewers to personalise content or create other services is another a major vulnerability, says Onuoha. Availability and integrity have been the two pillars of broadcasting that must be protected, but confidentiality is starting to become another key part of preserving a media brand. “Just as you are able to clear your browser history, broadcasters need to give viewers the ability to clear their data. Personalised data can be used to build profiles on people, which could leave

Onuoha notes that in the TV5Monde attack, the bulk of the video infrastructure was SDI rather than IP-based, and so fairly safe from attack, but the IT management and control layer was vulnerable. UP TO THE CHALLENGE Part of Onuoha’s work with the AIB has been to get broadcasters and their vendors on the same page in their cybersecurity response. In an industry with so many traditional media companies are having to upskill their engineers into an IT world and that is further complicated by the historical conflicts between your information technology world and your operational moving parts, it’s not always easy. “You have a skills challenge. The

feedzinesocial feedmagazine.tv

Powered by