OTTAWA—On Oct. 16, 2021, Sinclair Broadcast Group’s operations were severely compromised by a cyberattack in which a number of its servers and workstations were encrypted with ransomware, disrupting certain office and operational networks. A month later, the station group said that the cyberattack was still affecting daily operations.
Sinclair is just the latest in a long list of broadcasters that have been hacked worldwide. In a well publicized 2015 incident, France's TV5Monde endured a cyberattack that damaged critical IT systems and cost $15 million to repair.
The French television network was “saved from total destruction by the fact we had launched the channel that day and the technicians were there," said TV5Monde Director Yves Bigot in a BBC interview. "One of them was able to locate the very machine where the attack was taking place and he was able to cut out this machine from the internet and it stopped the attack.”
In 2019, The Weather Channel experienced their own ransomware attack, but in this case, they had better backup strategy, according to Michael Gibbs, CEO of Go Cloud Careers.
“They played a prerecorded episode of [TWC’s] ‘Heavy Rescue,’ and restored their systems from a backup. This was an excellent response.”
Responses notwithstanding, these incidents illustrate the threats posed by hackers to media content and IT infrastructure and drive home the need for broadcasters and other content creators to act now to protect these assets, or risk losing their value to cybercriminals.
A Wide Range of Threats
The famous Depression-era criminal Willie Sutton was once asked why he robbed banks, to which replied, “because that’s where the money is.”
In the 21st century, cybercriminals target broadcasters and major content creators for the same reason. As a result, “TV broadcasters and content creators truly have to shoulder the responsibility of defending against two major threats,” said Skip Levens, marketing director for media and entertainment for Quantum. “The first is ransomware where the critical systems relied on to run the larger organization must be protected. The second is their content being stolen and leaked online, which could lead to enormous losses in future revenue.”
Despite best efforts to guard against piracy, video hacking continues to grow, as evidenced by Akamai’s recent State of the Internet/Security report “Pirates in the Outfield.”
“The report reveals that between January and September 2021, global piracy demand — measured by visits to websites offering access to movies and television shows, either directly through a browser or mobile application, as well as torrent downloads — reached 3.7 billion unlicensed streams and downloads,” said Eric Elbaz, Akamai’s principal strategic engagement manager.
To make matters worse, the traditional amateur pirates who stole content to share it online have been replaced by organized pirates who do it for profit, according to Asaf Ashkenazi, president and COO of Verimatrix.
“They redistribute the content as part of a new service that often seems legitimate,” he said. “Also, they often use the infrastructure owned by the broadcasters and content distributors. Therefore, not only is the content distributor losing revenue coming from subscribers, VoD and advertisement, but they are also unknowingly paying the cost of distributing the video on behalf of the pirates.”
Credit card theft is another reason for hackers to target broadcasters/content creators who sell streaming content. “With so many companies storing high-value personal data online, they have quickly caught the attention of cybercriminals,” explained Muhammad Rehman, vice president of product management, CDN, Cloud Security & Edge Computing for Edgecast. “Streaming services are a gold mine, with credit card numbers and other personally identifying information on the menu.”
Ways to Fight Back
There are many ways to protect media content and infrastructure assets, starting with the cybersecurity resources being offered by NAB.
“Educating the public about protecting and securing their digital presence is of critical importance to defend against these attacks,” said Sam Matheny, NAB’s EVP/CTO. “NAB provides educational webinars, practical training, actionable information, and other critical resources to help local radio and TV stations understand cybersecurity and safeguard their networks.”
Once this understanding has been gained, TV broadcasters/content creators can employ one of three strategies to deal with cyberattacks: “Do nothing, play defense, or go on the offense,” said Verimatrix’s Ashkenazi who touts the company’s Verimatrix Streamkeeper, which Ashkenazi describes as “a battle-ready cybersecurity and anti-piracy solution designed to hunt down and take out threats.”
Akamai helps media companies protect their content and infrastructure "by applying state-of-the-art intelligent protections at the edge, safeguarding against cyber threats, detecting and mitigating online piracy in near real-time, and securing revenue streams," according to Elbaz.
Some of their protection options are designed specifically for broadcasters like Akamai's Managed Content Protection (MCP) service. MCP is delivered by Akamai experts in the media Broadcast Operations Command Center (BOCC), helping customers prevent and mitigate piracy “in short order,” according to Elbaz.
Given that Edgecast offers a cloud-based online security solution to repel cyberattacks,
Rehman is an advocate for cloud anti-hacker tools such as Web Application Firewalls (WAFs) and bot management. He added that cloud-based DDoS (distributed denial-of-service) protection is better executed by cloud software than on-premises hardware. The latter “requires regular maintenance and assistance, and it has trouble keeping up with high-volume DDoS attacks,” said Rehman.
Avid’s approach is to build cybersecurity into its video products, according to Craig Wilson, Avid’s Media and Cloud Product Evangelist. “There is a very close relationship between our engineering and Infosec teams to ensure our approach builds this [protection] in from the start and we are constantly monitoring for any new threats which emerge,” he noted. “We also regularly post updated security bulletins and advice for our customers and advise them on any patches which they may need to apply.”
For Quantum, convincing customers to back up files/systems today is a smart way to mitigate cyberattacks tomorrow.
“This can be done using Quantum’s StorNext high-speed shared storage and Quantum’s CatDV media asset management solutions, along with the reverse—ensuring that systems are properly backed up to private object storage like Quantum ActiveScale or Quantum Scalar tape,” said Levens, who adds that “Quantum solutions like StorNext and CatDV are available in the cloud, and can be configured and developed in advance ready to take over for affected physical systems if needed.”
Protecting content means protecting ads as well. SpotGenie’s business case is focused on TV broadcasters storing, accessing, and playing commercials from this company’s cloud servers, which offers protection for broadcasters during ransomware attacks, according to Wayne Dykes, president/CEO. “With SpotGenie, your revenue generating commercials are still available even if your own IT infrastructure has been blocked by hackers,” he said.
Clearly, broadcasters/content creators have options for protecting their content and infrastructures against cyberattacks. But they cannot achieve maximum success without making cyber defense a core part of their corporate culture and daily operating procedures.
“Content security needs to be considered as a critical infrastructure of an organization's overall cybersecurity posture and readiness,” Elbaz said. “Awareness is crucial; continuously evolving the security posture and keeping up with the latest threats and mitigation strategies is essential for companies to do.”
