CBR gets expert opinion following the attack which took out the French broadcaster’s social media, web and TV networks.
Islamic fundamentalists ISIS have taken responsibility for yesterday’s hacking of French national TV network, TV5 Monde. The attack took out the network’s social media, web and TV networks and became front page news around the world.
But what are the implications of such an attack? To answer that question, CBR has asked five security experts for their thoughts and expert opinion on this much talked about cyber attack.
1. ‘Indicative of society’s increasing reliance on the Internet’
David Emm, Kaspersky Lab, commented:
"This is another example of the threats posed by hacktivism. Stealing money or confidential data is not the only motive behind attacks – sometimes the purpose of an attack is to make a political or social point. Unfortunately the rise of such attacks is indicative of society’s increasing reliance on the Internet. Almost all areas of our life now have an online aspect to them, so it’s hardly a surprise to find that social and political activity is moving online too. We also see real-world tensions and conflicts being reflected online – also an indication of how much the Internet is woven into the fabric of our lives.
"The problem is that today such attacks can be set up cheaply and easily, from almost anyone, whether that be a competitor, a dismissed employee, socio-political protesters or just a lone wolf with a grudge. As a result, we’ve seen the volume of targeted attacks rapidly increase in recent years. No matter how big or small an organisation is, the reality now is that everyone is at risk from a cyber-attack, so all organisations need to be vigilant. As with other forms of cyber-attack, attribution is not an easy thing to determine."
2. ‘At this stage it’s hard to assess the damage’
Edward Parsons, Senior Manager at KPMG’s cyber security practice said:
"This attack on TV5 Monde is the latest in a series of politically motivated cyber attacks: Until recently the most effective attacks have been conducted by groups closely aligned to state powers, with the recent attacks on US media outlets and financial institutions serving as an example of this. Unfortunately the capabilities and infrastructure previously reserved for nation states and their proxies have been commoditised and made available to all in online criminal marketplaces.
"At this stage it’s hard to assess the damage of this attack, beyond the reputational damage caused by website defacements and social media hijacking, but the disruption to broadcasts points is a concerning development. We have seen similar tactics being used in recent attacks against other media companies, where data theft has been coupled with material damage to servers and desktop computers. We may therefore see politically motivated cyber attacks become more damaging.
"Companies need to protect themselves from similar incidents by treating corporate social media accounts with the same governance and protection as you would apply to any corporate account. They must also ensure that internet facing services are patched regularly to remediate vulnerabilities that could be exploited in an attack, furthermore there needs to be a tried and tested response mechanism in place."
3. ‘Accurate attribution is almost impossible’
Gavin Millard, Technical Director of Tenable Network Security, told commented:
"Accurate attribution is almost impossible in a world where some of the core disciplines are manipulation and misdirection. The tagline "CyberCaliphate" and IS messaging were prominently displayed on the Facebook and Twitter profiles of TV5Monde, very similar to what has previously been seen in hacks, such as the Newsweek Twitter hijack back in February.
"Could this be a hacking collective aligned, sympathetic or part of IS, ISIL or ISIS? Maybe, but it could also be a group with no affiliation to the terrorist organisation using the media interest in the group to fan the flames of the breach to raise prominence and notoriety.
"News is slowly coming out that could indicate TV5Monde may have a less than stellar security posture, including the exposure of YouTube credentials in a recent TV interview. I’m sure we’ll see many commentators stating this was a "sophisticated and complex" attack, but the reality could be far simpler."
4. "There seems to be no silver bullet for this situation"
Snorre Fagerland, Researcher at Blue Coat‘s European security lab, said:
"The intrusion of TV5 Monde, similar to the Sony attack, shows that any entity on the Internet is a target now. All conflicts now have carry a likelihood for them to have a cyber dimension, because these attacks are cheap, easy, and relatively risk free.
"Unfortunately there seems to be no silver bullet for this situation.
"Modern computer systems are so interconnected and complex that there is always an opportunity for mischief if you are persistent; and in many case you don’t even have to be that. If the attacker cannot immediately find a way in, there’s always the human factor. And humans are – unfortunately – difficult to patch. Nevertheless, skilled people can make the difference between a win and a loss."
5. "Hackers are getting better and better"
Florian Malecki, marketing director of networking security at Dell, told CBR’s Jimmy Nicholls:
"One thing that we see more and more of is cyber-terrorist activity. In Western Europe there’s a good level of defence, but there’s other parts of the world where budgets and knowledge are not that high.
"What’s become more challenging is the level of knowledge: hackers are getting better and better. They also do their homework, so rather than target a large group of people, some are becoming more specific."