Hijacked TV Station Points to Expanding Reach of Cyberattacks

TV5Monde Facebook page following the television station's recent cyber attacks.

In what was one of the most severe outages of its kind, French national television broadcaster TV5Monde was recently the target of a well-planned and -staged cyber attack that took down its 11 television channels, website, and social media streams.

The hacker group responsible claimed to support the so-called Islamic State (ISIS), and proceeded to broadcast pro-ISIS material on the hijacked channels, while also exposing sensitive internal company information, and active military soldiers’ details.

It took TV5 three hours to regain control of its channels. The scale and completeness of the attack, and the fact that it involved hijacking live television broadcast channels, has shocked the media industry and prompted heated discussion on what steps might prevent, or at least limit, the likelihood of this reoccurring.

The Shift from Analog

The fact that a major European public service broadcaster could be taken down so efficiently flags an underlying weaknesses in modern broadcasting.

For years the industry has been moving away from traditional, analog audiovisual broadcasting technology towards digital-only, network-based infrastructures. This is a logical and necessary process for broadcast companies to keep pace with technological development, and to benefit from the efficiencies of digital media network distribution. But any system based on delivering digital media over the internet is potentially vulnerable to cyber attack from outside.

These sorts of events often prompt moves that seem to be a case of bolting the stable door after the horse has left. For example, when planning a new building or station installation, it is common for there to be an argument over the value of a robust uninterruptable power supply system, or UPS. These are expensive and often seen as unnecessary, until the power fails, at which point a UPS redundant battery backup is worth, quite literally, its weight in gold—and batteries are heavy.

Similarly, the reaction to the assault on TV5 has been a call for immediate and widespread cybersecurity improvements, including new collaborations between European security and law enforcement agencies in order to react faster and more effectively when such attacks occur. The question must remain as to how the many, almost daily examples of hacking and cyber criminal attacks on firms had not prompted broadcasters to take the threat seriously before now.

Old Ideas, New Tech

There have been television broadcast signal hijacks before these modern, internet-enabled times. In 1977, the evening programming from broadcaster Television South in the United Kingdom was cut across by a hoax signal overriding the program’s audio, claiming to be from an alien civilization and demanding world disarmament. In 1986 in the United States, HBO’s East Coast satellite feed was interrupted by a hacker calling himself Captain Midnight—actually satellite engineer John R. MacDougall—protesting at cable television fees.

In 1987, a Chicago television broadcast was interrupted by a man wearing a Max Headroom mask. He has never been identified. In these instances hijacking the signals involved physical access to or tampering with the transmitters uplink sites, or broadcast feeds. For example, MacDougall worked at firm that uplinked programs onto satellite feeds and so had access to all the equipment needed.

There are other means of interrupting broadcasts, such as intentional jamming of signals by using one transmission of a higher power to block out another. During the Cold War it was common for the Soviet Union and Eastern European governments to use high-powered antenna to cancel out Western media such as Radio Free Europe east of the Iron Curtain. More recently, the BBC World Service coverage of the contested Iranian election of 2009 was quashed by stronger signals causing interference throughout Iran and surrounding countries.

There are relatively few examples of incidents like these because it has previously been difficult to interrupt a television or radio broadcast chain. This is not the case in our new, all-digital, internet-connected media infrastructure. The scale of this intrusion into a major European public service television station is unprecedented, and a worrying escalation of the scope and capability for politically motivated attacks on the media and freedom of speech.

Laurence Murphy is Senior Lecturer and Researcher in Media Technology at the University of Salford.

This article was originally published on The Conversation on April 21, 2015.