ALEXANDRIA, VA.—When our world was a little younger and a lot more innocent, a broadcast operation had little to worry about in terms of security. Perhaps the only safeguard was a hired guard brought in during evening hours to ensure only personnel and expected guests came and went (and no equipment walked out).
That was then; this is now.
Thanks to our highly connected world, it now takes a lot more than a Pinkerton guard to protect broadcast operations. This has given rise to a whole new enterprise—cybersecurity, a term that surfaces almost daily, along with reports of email hackings, data breaches, credit card skimmers—even electronic intrusion at the Pentagon.
With almost every piece of gear having an Ethernet port, one might think broadcasters would be especially vigilant. However, this is not always the case.
“Some broadcasters are; some aren’t,” says Kelly Williams, senior director of engineering and technology policy for NAB. “Human behavior is still an issue,” noting that this boils down to risk tolerance—just how serious the threat is perceived to be by businesses and individuals running them.”
While networks and larger station groups have implemented “special ops” groups for safeguarding technical infrastructures, cybersecurity for others is merely installation of antivirus software and implementation of “off-the-shelf” firewalls.
“The banking business has been all over this for a long time and the government has also been very concerned about cybersecurity,” said Williams. “However, some companies haven’t given it much thought at all,” adding that the problem is greater now than ever.
“We’re much more reliant on products that are essentially computer-based,” he continued. “Encoders, playout servers—these are really just computers running Linux or Windows, with software that makes them do what they need to do. Also, the control for devices now is all IP, with access to machines often through a web-based GUI, as not all have keyboards and monitors. Control is via an IP network. Your broadcast plant is really an IP network and is susceptible to ‘shenanigans’ on someone’s part, be it an employee, an outsider, or even a nation state. Operations are much more vulnerable to some sort of a cyber mishap than a few years ago,”
(As an example. Williams related an incident in which France’s Canal Plus was electronically hijacked, with programming on its 11 channels ceasing and normal content on its website replaced by messages presumably supporting the Islamic State. The cyberattack was so devastating it took hours to restart even basic operations, and weeks passed before everything was fully normalized. The attack cost the broadcaster nearly $11 million, not including lost advertising revenue.)
A LONG WAY SINCE ‘CAPTAIN MIDNIGHT’
Wayne Pecena, director of engineering at KAMU public radio and television, and the Texas A&M University System’s wide area data and distance learning network, and a frequent lecturer on cybersecurity at broadcast engineering conferences, echoed Williams’s remarks.
“Cybersecurity in any organization often takes less priority because it is not the core business,” he said. “It is certainly not the core business of a broadcast entity.”
And he agreed that the threat is worse than ever, recalling that two 1980s “hacking” incidents (the “Captain Midnight” and “Max Headroom” transmission disruptions) required specialized hardware (a satellite uplink and microwave transmitter). It’s much different now.
“Today, havoc can be implemented with a notebook computer from a Starbucks,” Pecena said/
So, is there anything broadcasters can do, other than bringing in specialized cybersecurity companies?
“It’s all about ‘cyber hygiene,’” said Williams, explaining that much of this is just common sense.
He suggests immediately changing any manufacturer-supplied passwords when installing new equipment, and implementing policies forbidding such things as connection of employee devices to station networks, as something as innocent as the insertion of a “foreign” thumbdrive into a computer USB port can place malware on a network.
“You need to make the entire staff aware of cybersecurity,” he said.
Williams added another very important (but often overlooked) “cyber hygiene” practice to the list.
“When an employee leaves, immediately kill off all of their passwords,” noting that neglecting this places a station’s infrastructure at high risk, especially in the case of terminated staffers.
He added that firewall implementation is not something that can be done once and forgotten about.
Pecena added his own suggestions for safeguarding broadcast infrastructures, which include:
· Use a “best practice” approach to network architecture design.
· Segment the network into functional domains—keep broadcast content and control networks separate.
· Allow access on a “need-to-access” basis.
· Use a proxy device to transfer external files with enterprise grade antivirus.
“A firewall takes regular care and feeding to be an effective cybersecurity measure,” Pecena said. “‘Care’ [in analyzing] the log files to see what is being filtered [denied or permitted] and ‘feeding’ to maintain security signature updates.”
Whether it’s a major television network or LPTV, all broadcast operations are vulnerable to cyberattacks. It behooves players to learn as much about cybersecurity as possible and to practice it on a daily basis.
Gary Arlen is president of Arlen Communications LLC, a research and consulting firm. He can be reached at email@example.com.
Need to Know More?
Do you have a burning question about cybersecurity? Or maybe there's a particular topic you'd like to see us tackle in future installments of Need to Know. Email us at firstname.lastname@example.org and we’ll put our top minds on it!
To learn more about cybersecurity's influence on other technology channels, check out these articles from Future sister titles: