iStockphoto/stockcam Once upon a time, a broadcaster’s worst security threat was someone cutting tower guys and dropping the tower.
Unfortunately, the advent of the Internet and Web-connected stations has resulted in a new class of threats. Cyberthugs can cripple a broadcaster in so many novel ways that cowering and hoping to stay out of virtual sight is no longer an option.
A session of the 2015 NAB Show is titled “Cybersecurity for Broadcasters: Protect Your Station From Hackers, Spammers and Black Hats.” Moderated by Gary Smith, chief engineer at Cherry Creek Radio in Saint George, Utah, the session will be held on Wednesday morning, April 15.
“The session is intended to make broadcasters aware of the need for cybersecurity and to introduce cybersecurity best practices,” said Smith.
KNOW YOUR ENEMY
Awareness starts by understanding the difference between hackers, spammers and black hats; all can do harm to a broadcaster through the Web.
“A hacker may be ethical, using IT knowledge to improve security, or may be unethical — “cracker”— using knowledge for harmful purposes,” Smith explained.
“A spammer uses email, messaging services, junk fax and other means to deliver unwanted or unsolicited messages. A black hat hacker uses IT knowledge to violate computer or Internet security for disruptive malicious purposes or for personal gain.”
The scope of the cybersecurity threat cannot be overstated in its potential breadth and impact on broadcasters.
“A cybersecurity attack can be as minimal as unwanted pop-ups on a Web page to a complete shutdown of the automation system and station routing systems,” said Gary Smith.
“Business and accounting systems may be put at risk. EAS system attacks can result in costly fines to the licensee for failing to protect their system and or train their staff in EAS operations. Further, unauthorized EAS activations [can] diminish the effectiveness of the system in a real emergency.”
The Emergency Alert System has been targeted by hackers. For instance, on Feb. 11, 2013, hackers briefly broke into EAS via various U.S. stations.
“The data bursts and the two-tone EAS attention audio preceded the report, which warned, ‘Civilian authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living,’” said Smith. The message may have been amusing, but alerting officials took it dead seriously.
The hackers were able to achieve this breach because “the EAS decoding devices were on the public Internet and had not had their default passwords changed, enabling the problem.”
Broadcasters’ video and audio streams are attractive targets for hackers. In two instances, hackers broke into a station’s IT infrastructure, changing their streaming media settings such that users were redirected to www.rudefm.com, rather than the station’s own media feed. The cause was a combination of the two stations’ “inadequate security safeguard,” said Smith, plus the hacker’s “ability to insert and/or redirect audio content.”
A further threat is ransomware. This is a form of malware that is introduced into a broadcaster’s network when an employee unwittingly clicks on a bogus link or an executable file attached to an email. Once in the station’s network, the virus encrypts the files there so that they cannot be opened. The broadcaster is then told that it has to pay a certain sum electronically to the hackers within a certain time limit, in order to get an electronic “key” to unlock its files.
Ransomware incidents “have already occurred at several radio stations in Michigan, Louisiana and Arkansas, the Australia Post and ABC News,” Smith said.
These are just some of the cybersecurity issues that today’s broadcasters have to protect themselves against. The FCC’s Communications Security, Reliability and Interoperability Council Working Group 4 (CSRIC WG4) is developing a cybersecurity strategy for broadcasters that will help them address such threats.
Meanwhile, “the FCC’s CSRIC WG3 has prepared a report ‘Recommended Security Best Practices for EAS Participants,’ which extensively outlines methods to protect from unwanted intrusion into the network,” said Smith. “It includes basic recommendations, such as changing factory default usernames and passwords, placing equipment behind a firewall and limiting physical access to sensitive equipment.”
On a day-to-day basis, broadcasters can improve their cybersecurity by training staff never to open suspicious emails and attachments; to stay away from questionable websites; and to use passwords that are robust and changed on a regular basis.
Broadcasters should also ensure that their data is backed up in a separate location that is kept off the network, except for daily updates. In this manner, the broadcaster’s IT department can restore files that have been damaged by hackers, or encrypted by ransomware.
James Carelessreports on the industry for Radio World from Ottawa, Ontario.