Site Security in a Post 9/11 World
Apr 1, 2013 6:00 AM, By Kevin McNamara
The security at broadcast facilities has always been a concern, but after the events of Sept. 11, 2001, it took on a whole new meaning. Physical threats to a facility may be minor when compared to the damage that could occur if a cyber attack hit your network and disabled critical infrastructure. In 2002, the Homeland Security Act was enacted. Part of the act called for the formation of the Department of Homeland Security (DHS). In 2003 the DHS was formed as a result of the reorganization of several government agencies, including the Federal Emergency Management Agency and the Federal Communications Commission. The stated responsibilities of the DHS include:
� Emergency preparedness and response (for both terrorism and natural disasters), including volunteer medical, police, emergency management, and fire personnel;
� Domestic and International intelligence activities, largely today within the FBI;
� Critical infrastructure and perimeter protection;
� Border security including both land, maritime and country borders;
� Transportation security, including aviation and maritime transportation;
� Detection of radioactive and radiological materials;
� Research on next-generation security technologies.
The FCC subsequently formed the Public Safety and Homeland Security Bureau (PSHSB), whose mission is "Ensuring public safety and homeland security by advancing state-of-the-art communications that are accessible, reliable, resilient, and secure, in coordination with public and private partners." The PSHSB is primarily dealing with the security of our overall communications infrastructure including wired and wireless communications systems as well as the myriad cyber-security issues we face daily. The PSHSB tends to focus on public safety related infrastructure vulnerabilities as opposed to traditional broadcast services.
The Media Security and Reliability Council (MSRC) is a "Federal advisory committee that was formed to study, develop and report on communications and coordination designed to assure the optimal reliability, robustness and security of the broadcast and multichannel video programming distribution industries in emergency situations." Its members consist primarily of representatives from broadcast groups, networks and other organizations related to the industry. In 2004, the MSRC produced the "Local Radio Station Model Vulnerability Assessment Checklist," which you have probably seen and likely used the assessment. In 2005, they also produced a detailed document called the "Local Radio Station Model Disaster Recovery Plan and Incident Response Manual," which was produced as a tool that can help broadcasters recover from short-term disaster situations and assists with creating an incident response manual that would guide the staff to ensuring an efficient recovery. It also included the vulnerability checklist noted above.
In general, the document specifies certain guidelines that should be followed, such as:
� Radio broadcasters should have appropriate physical security, augmented by security personnel and/or video surveillance at their key facilities, including studios/newsrooms, satellite transmit and receive sites and antenna/transmitter sites.
� Radio broadcasters should employ diverse power grid sources wherever feasible.
� Radio broadcasters should take appropriate measures to provide backup power capabilities for their key facilities, including studios/newsrooms, satellite communications and transmitters.
� Radio broadcasters with local news origination should ensure that they have robust and redundant ways to communicate with external news services and remote news teams, such as the use of mobile radio and Internet to augment cell phones.
� Radio broadcasters should have backup signal feeds to their primary satellite transmit and receive sites.
� Radio broadcasters should have redundant signal paths to their primary and backup transmission facilities.
� Radio broadcasters with local news origination should plan to have emergency origination capability at a separate location from their primary studio (e.g., backup studio, transmitter site, remote van, another station, etc).
� Radio broadcasters with local news origination should have a remote vehicle, or some means of delivering live news and information from a remote site.
� Radio broadcasters should have the capability of receiving a remote feed at an additional site from their primary studio (e.g., directly at their tower sites, at backup studios, etc).
� Radio broadcasters should have a backup satellite transmitter and receiver, or an alternate means (e.g., a satellite radio receiver, a dedicated phone line or a streaming audio Internet connection) to send and receive signals from and to national news services in emergency situations.
� Radio broadcasters should have a backup transmitter, and should attempt to make practical arrangements for geographic diversity where possible (e.g., provisions for emergency use of other backup transmitter/antenna facilities in the community or other means).
� With the cooperation of federal and local policy makers, all radio broadcasters in a market should collaborate to increase their collective site diversity and redundancy, including their collective news studios, operations, satellite transmit and receive facilities and transmitter and antenna sites.
- continued on page 2
Site Security in a Post 9/11 World
Apr 1, 2013 6:00 AM, By Kevin McNamara
Cyber attacks: the real threat?
While there is always the threat of disaster, natural or man-made, to the physical infrastructure of your facility, perhaps the most likely threat will be through some form of cyber attack to PCs, networks and even mobile devices. The majority of these attacks are reportedly originating from countries such as China, Russia, Iran and North Korea to name a few. The rates of attacks have escalated dramatically over the past three years. While many of the attacks occurring in the United States are targeting federal, state and local governments, banks and other large corporations, the reality is that any device connected to the Internet are vulnerable. Cyber security has become a big enough problem that new positions or even whole departments have been created to deal with the situation.
Radio facilities might be particularly vulnerable as they tend to utilize network(s) to handle different functions (i.e. back office, traffic, news, sales and streaming) within the same facility. While they may utilize different servers to perform specific functions, it is important they are isolated with appropriately configured firewalls. I would be careful to assume that because particular functions operate on a local or corporate-wide intranet, that there is no chance of attack. Consider that any desktop PC that could access to one of these private networks, either directly or through a VPN becomes an opportunity to infect that private network if, for example, it is also connected to the Internet. The fact is that the same PC doesn't need to have access to the Internet; it could get infected through the exchange of an infected thumb drive. Anti-virus programs do a great job to stop most potential infections, but not necessarily all of them. Keeping the programs virus library up to date certainly is good practice, but does not guarantee something will not slip through.
One client, a large municipality, recently experienced an attack that was the result of a few employees responding to an email, requiring them to change their password. The link sent them to a rogue site, which looked official. Although it was an innocent (and rookie) mistake, it cause their servers to send about 300,000 spam emails per day and took about two weeks to contain. While this is just one example, there are hundreds of different types of attacks occurring each day around the world. It is not hard to find stories and statistics on the Internet. Some examples include energy company BP who says it suffers 50,000 attempts of cyber intrusion a day; the Pentagon reports getting 10 million attempts a day; the National Nuclear Security Administration, an arm of the Energy Department, records 10 million hacks a day; and the United Kingdom reports 120,000 cyber incidents a day.
It is a different world, and as a station engineer/manager, you need to be aware, not only of the steps needed to ensure the physical security of the property, but to the vulnerabilities of your network infrastructure.
McNamara is president of McNamara Associates, Cape Coral, FL.
Remote access, inside Emmis Terre Haute, Field Reports on the Rode Reporter and Belar FMCS-1, working with Corian and more products at the 2013 NAB Show....