Broadcast News
12/03/2018
Can I Lend You A Cyber?
Broadcasters are now a major target for cyber terrorism. But are they doing enough to protect themselves, asks Paul Robson.
As I write this article, I am slowly starting to recover from yet another exhaustive, degrading and almost cattle-like experience at airport security.
Frequent travellers – and even those that are not – will know what I mean. With long queues, intrusive officers and the need to remove various bits of clothing (plus the occasional physical pat down), getting into an airport can be quite oppressive. Actually, come to think of it, where DID I put my watch and belt?
Anyway, while it's no fun, I fully understand that security is a necessary evil in airports and, in fact, throughout our modern world.
There are so many stories these days relating to security, especially cyber attacks. Last summer was all about the NHS. That assault affected many health service PCs and IT systems that were not properly secured. I don't think it's as simple as blaming Windows XP level but flaws in an out-of- date operating system allowed cyber terrorists to shut down huge swathes of the NHS for a day. This type of attack has also hit large corporate businesses, especially in the banking industry, which is my domain. One of our key lending partners experienced a large scale cyber attack last year and had to take swift and evasive action.
As a result of attacks like this, the banking community is constantly looking at its own security measures and we regularly receive requests asking us to refresh passwords and update our software.
Now, with all of this in mind, it strikes me that it's only a matter of time before a cyber-attack of some magnitude hits a broadcaster. After all, they are just as reliant on IT systems as hospitals and banks.
The film industry has already been breached. Last summer Sony Pictures was held to ransom by an organisation that had obtained unreleased copies of "Pirates of the Caribbean 5".
Is this the start of things to come? If it is, I am not sure the TV industry is sufficiently prepared. Most post-production and production companies have near-line back-ups and off line or off site copies of their completed material and their edit lists. That's great, but in this ever more data-hungry world – the world of everything now – it's no longer possible to deliver a completed TV series to a broadcaster by a courier or runner. No, every single programme is now a digital file that is QC checked by the production company (or more likely by their chosen post house) and delivered to the broadcaster or straight to a playout centre via the internet.
The big question is: how secure is this process?
It's not just edited programmes that are at risk. Live sport and other live events – something that many of Medialease's clients are involved in – is equally vulnerable.
Twelve months ago, the world's first 4K outside broadcast truck to have IP at its core (rather than SDI) was completed and launched by one of our clients. Since then the rest of the world has taken note and more have come online.
These trucks, and all live broadcast events, are littered with IP-based equipment for live production.
Each piece of IT-based equipment has its own IP address and is connected through a colossal router. This means that once it is connected via fibre to the outside world (for contribution, delivery or broadcast), any of the IP devices in the chain could potentially be intercepted or affected. This is a very real threat.
Again, how safe are these systems in the face of a cyber- attack?
With these new vulnerabilities – plus our often-lackadaisical approach to passwords and software updates, not to mention user error and disgruntled employees – I firmly believe there will be a significant cyber attack on the broadcast industry at some point soon.
What I hope, is that the technical gurus in our hyper-intelligent forward-thinking industry will get together and share their knowledge and development of security systems to very much prove me wrong.
Airport security is certainly a pain but it is essential for safe onward travel. Cyber security in TV is no different.
Paul Robson is the Managing Director of asset finance company Medialease.
This article is also available in the March edition of Broadcast Film & Video.
www.medialease.com
As I write this article, I am slowly starting to recover from yet another exhaustive, degrading and almost cattle-like experience at airport security.
Frequent travellers – and even those that are not – will know what I mean. With long queues, intrusive officers and the need to remove various bits of clothing (plus the occasional physical pat down), getting into an airport can be quite oppressive. Actually, come to think of it, where DID I put my watch and belt?
Anyway, while it's no fun, I fully understand that security is a necessary evil in airports and, in fact, throughout our modern world.
There are so many stories these days relating to security, especially cyber attacks. Last summer was all about the NHS. That assault affected many health service PCs and IT systems that were not properly secured. I don't think it's as simple as blaming Windows XP level but flaws in an out-of- date operating system allowed cyber terrorists to shut down huge swathes of the NHS for a day. This type of attack has also hit large corporate businesses, especially in the banking industry, which is my domain. One of our key lending partners experienced a large scale cyber attack last year and had to take swift and evasive action.
As a result of attacks like this, the banking community is constantly looking at its own security measures and we regularly receive requests asking us to refresh passwords and update our software.
Now, with all of this in mind, it strikes me that it's only a matter of time before a cyber-attack of some magnitude hits a broadcaster. After all, they are just as reliant on IT systems as hospitals and banks.
The film industry has already been breached. Last summer Sony Pictures was held to ransom by an organisation that had obtained unreleased copies of "Pirates of the Caribbean 5".
Is this the start of things to come? If it is, I am not sure the TV industry is sufficiently prepared. Most post-production and production companies have near-line back-ups and off line or off site copies of their completed material and their edit lists. That's great, but in this ever more data-hungry world – the world of everything now – it's no longer possible to deliver a completed TV series to a broadcaster by a courier or runner. No, every single programme is now a digital file that is QC checked by the production company (or more likely by their chosen post house) and delivered to the broadcaster or straight to a playout centre via the internet.
The big question is: how secure is this process?
It's not just edited programmes that are at risk. Live sport and other live events – something that many of Medialease's clients are involved in – is equally vulnerable.
Twelve months ago, the world's first 4K outside broadcast truck to have IP at its core (rather than SDI) was completed and launched by one of our clients. Since then the rest of the world has taken note and more have come online.
These trucks, and all live broadcast events, are littered with IP-based equipment for live production.
Each piece of IT-based equipment has its own IP address and is connected through a colossal router. This means that once it is connected via fibre to the outside world (for contribution, delivery or broadcast), any of the IP devices in the chain could potentially be intercepted or affected. This is a very real threat.
Again, how safe are these systems in the face of a cyber- attack?
With these new vulnerabilities – plus our often-lackadaisical approach to passwords and software updates, not to mention user error and disgruntled employees – I firmly believe there will be a significant cyber attack on the broadcast industry at some point soon.
What I hope, is that the technical gurus in our hyper-intelligent forward-thinking industry will get together and share their knowledge and development of security systems to very much prove me wrong.
Airport security is certainly a pain but it is essential for safe onward travel. Cyber security in TV is no different.
Paul Robson is the Managing Director of asset finance company Medialease.
This article is also available in the March edition of Broadcast Film & Video.
www.medialease.com
More Support Services Stories
12/03/2018
Can I Lend You A Cyber?
Broadcasters are now a major target for cyber terrorism. But are they doing enough to protect themselves, asks Paul Robson. As I write this article, I
Can I Lend You A Cyber?
Broadcasters are now a major target for cyber terrorism. But are they doing enough to protect themselves, asks Paul Robson. As I write this article, I
14/02/2017
How Soon Is Now?
Deciding whether or not to invest in IP-based equipment for the move to UHD is neither a technological nor a financial decision, argues Paul Robson. I
How Soon Is Now?
Deciding whether or not to invest in IP-based equipment for the move to UHD is neither a technological nor a financial decision, argues Paul Robson. I
12/02/2016
Finance Made Easy From Medialease
Founded in the late 1990s, Medialease helps businesses to locate financing options for broadcast and post-production equipment. Paul Robson, Managing
Finance Made Easy From Medialease
Founded in the late 1990s, Medialease helps businesses to locate financing options for broadcast and post-production equipment. Paul Robson, Managing