On Wednesday night, parties claiming to belong to the Islamic State (ISIS) blacked out broadcasts on 11 channels of French television station, TV5Monde, as well as breached and defaced the network’s social media accounts.
The massive hack-attack – which took the station off the air for hours and disrupted normal operations for nearly a day – was certainly not the first assault directed by Islamic extremists at media outlets, but, the technological sophistication of this week’s broad takedown of a network does seem to represent a significant escalation of capabilities; if this action was truly carried out by ISIS, it is evidence that the group may have far more advanced cyberwar capabilities than was conventionally believed to be the case.
Just a few weeks ago, I spoke with Eugene Kaspersky, cybersecurity pioneer and CEO of the renowned cybersecurity firm, Kaspersky Lab, who told me that one of the greatest cyberthreats facing society today is cyberterrorism. According to Kaspersky, while terrorists historically did not invest in cyberattacks because their value versus cost-to-execute was uncertain, recent intelligence suggests that terrorists now view the success that criminals have achieved with their cyberattacks as indicators that the time to invest in cyberattacks has arrived.
ISIS’s taking out of a television network for under a day may not have caused any deaths – but it clearly has significant propaganda value and represents a major victory for the terrorist organization. Thankfully, the group achieved only a disruption – not the ability to broadcast its own propaganda and gruesome videos to millions of unsuspecting viewers. But media outlets should beware – the present attack is likely the tip of the iceberg, and numerous attacks are probably being planned and executed as I write this article.
Human mistakes, and a lack of proper cybersecurity, seem to have been at least partial enablers of the breach. There is evidence that people working at TV5Monde were using weak passwords to secure access to sensitive systems, and, after the breach occurred, the station even allowed one of its reporters to be interviewed on television with images of passwords written on notes attached to a wall clearly visible in the background. It hardly instills confidence when a media outlet announces to the world that its passwords are literally posted on walls, and that the password for its YouTube account is “lemotdepassedeyoutube" – the French equivalent of "thepasswordofyoutube." On top of these issues, it also appears that the channel’s business operations networks and broadcasting systems were not adequately separated from one another, dramatically increasing the potential for hackers to black out broadcasts. While these mistakes may or may not have been factors in enabling the breach, they are tell-tale signs of inadequate cybersecurity; it’s hard to believe that an entity with such glaring and obvious problems was getting the more complex nuances of cybersecurity right.
Based on the clear information-security problems at TV5Monde I’m not sure how much sophistication was really needed on the part of ISIS in order to carry out this attack; carelessness on the part of the victim may have played a large role. But, regardless of the expertise needed to achieve the blackout this week, there is little doubt that the ISIS’s success will lead to both it – and other terrorist groups – spending resources pursuing cyber attacks in the future. From a propaganda perspective, ISIS is a heavily utilizer of videos; hacking a major network and airing its own videos would be to it the cyber equivalent of hitting the jackpot.
Business owners must take note; cyberterrorism should not be a concern for only large enterprises and utilities considered to be critical infrastructure. There are sufficient computer systems and data in the hands of smaller businesses for terrorists to wreck havoc and execute economy-crippling attacks without ever having to target a large organization. (For obvious reasons I will not describe any such potential attacks.) If you utilize the services of a lawyer and an accountant because you realize the value of professional expertise in these areas, and understand that you cannot possibly be an expert in these areas and run your business at the same time, you should be taking the same approach vis-à-vis cybersecurity as well. Had TV5Monde had a proper information-security audit, many of the glaring mistakes would likely been caught before it was too late. When it comes to cybersecurity, an ounce of prevention can be worth many tons of cure.
Follow Joseph Steinberg on
