Preparing for the Coming Hacks

OTTAWA—In July, HBO’s media content library was hacked when 1.5 TB of data was illegally accessed and downloaded, including unaired episodes of “Ballers,” “Barry,” “Insecure,” and “Room 104,” plus a script for an unaired episode of “Game of Thrones.” These were later made available on the apparently hacker-run website Winter-leak.com, (the site is currently inaccessible but media coverage is available at winter-leak.ml). The result: HBO’s expensively-produced premium content was online for anyone to see for free.

An Akamai Security Operations Center

HBO is just the latest victim of unauthorized entry into its video operations. In April of 2015, hackers claiming allegiance to the Islamic State, (and now potentially believed to be Russian), knocked French-language broadcaster Canal Plus off the air for the better part of a day; in March, 2013, North Korea posed a series of cyber-attacks on South Korea inflicting damage on three major banks and two broadcasters. “The broadcasters were not affected on-air; however, their business IT infrastructure was paralyzed,” according to the white paper “Cyber Security Services for Broadcasters,” by Obor Digital, an Orlando, Fla.-based provider of cyber security solutions for broadcasters.

These kinds of attacks are becoming more common and more serious, said Rob Caldwell founder and CEO for Obor Digital, which, along with TV Technology, conducted a series of Cyber “boot camps” for broadcasters this fall. “In the case of content producers, the threat is to their bottom line,” he said. “Who will pay to see premium video content if hackers are making it available for free?”

Making matters worse is that “broadcasters haven’t yet begun to seriously address the threat of ‘content replacement’ where a hacker or disgruntled employee could potentially replace a commercial spot with media intended to create panic, confusion and chaos,” Caldwell added. Not all threats come from hackers breaking directly into servers either. “All it takes is an employee to bring in a USB flash drive that’s infected with hacker malware—say with some ‘free music’ they downloaded to listen to at work—then plugging the flash drive into the broadcaster’s internal network. All of a sudden, the ‘bad guys’ can get in and steal what they want—and they will.”

There are several caveats broadcasters should be aware of when protecting their valuable media content from online theft and illegal distribution. Here are three of them:

WORK WITH A SECURE CONTENT DISTRIBUTOR

As broadcasters and content creators distribute more of their premium content online, they will invariably come under hacker attacks more often.

So says Dave Lewis, global security advocate the Boston-based streaming provider Akamai. His remedy is for broadcasters and content providers to hook up with a secure content delivery network (like Akamai), which has sophisticated cyber security tools such as web application firewalls (WAF) already in place.

Case in point: A distributed denial of service (DDoS) attack occurs when a hacker floods a web site with so many requests that the site ceases to function, knocking it offline. Unfortunately, such attacks are extremely common these days, and they can result in content distributors being unable to serve paying clients.

To prevent this from happening, “Akamai can provide a line of defense to ensure your web site stays online, so that your customers can be assured that they will have access to your programming during DDoS attacks,” said Lewis. “As well, our platform is extremely secure; making your content far less vulnerable to piracy.

HIRE A PROFESSIONAL 

Originally, the U.S. military decided to use Obor Digital’s Zeus software to track military communications equipment, configurations, failures and repair issues in Afghanistan and Iraq, according to Caldwell. Subsequently, Obor decided to partner with those military cyber specialists and bring this expertise directly to broadcasters.

Cyber security services offered by Obor Digital to broadcasters include “Vulnerability Assessments” to determine a content provider’s operational/IT system weaknesses and remedies for them; ongoing Monitoring (three available levels) to detect and address security threats/attempted intrusions; Security Device Management to ensure that the broadcaster’s security devices are running properly; and Incident Response to step in when an attack succeeds, minimize it, and determine what happened after the fact to keep it from happening again.

GO FULL OUT ON END TO END SECURITY

The Entertainment Security Operations Center in Los Angeles

Los Angeles’ new Entertainment Security Operations Center (ESOC) is an end-to-end response to hacker threats. Built by security solutions provider Secure Channels Inc., ESOC combines a “tier 3” (99.98 percent availability) data center infrastructure with dark fiber tethering (connecting over so-called dark fiber networks that are not otherwise in use), to provide content creators with a totally secure, membership-only production process.

“We only connect your company to other ESOC-checked members, meaning that everyone in your production chain is secure and verified,” said Richard Blech, CEO of the Irvine, Calif.-based company. “Too many times, a major content provider with reasonable security will contract a third-party firm that isn’t secure, putting the entire production/distribution chain at risk. The ESOC model eliminates this risk, because everyone you work with is as secure as you are.” ESOC’s protection extends to member documents and emails, as well as video content.

James Careless

James Careless is an award-winning journalist who has written for TV Technology since the 1990s. He has covered HDTV from the days of the six competing HDTV formats that led to the 1993 Grand Alliance, and onwards through ATSC 3.0 and OTT. He also writes for Radio World, along with other publications in aerospace, defense, public safety, streaming media, plus the amusement park industry for something different.