
How France's TV5 was almost destroyed by hackers - dan1234
http://www.bbc.co.uk/news/technology-37590375
======
raitom
Haha I remember this story. I haven't fully read this article but do they
mention that their passwords were shown during an interview? (source, in
French:
[http://www.tuxboard.com/tv5-monde-mots-de-passe-clair-interview/](http://www.tuxboard.com/tv5-monde-mots-de-passe-clair-interview/))

~~~
NKCSS
It's not just TV stations that get hacked this way; it's common to leave
post-its with credentials in office environments; when you air them in HD on
TV, that might cause problems :)

------
davidf18
I once worked as a consultant to a subsidiary of one of the larger
Cybersecurity vendors.

Many institutions have weak cybersecurity including healthcare concerns. In
this Fortune article about the Sony hack, the CEO said basically that they did
not want to spend the money for Cybersecurity.
[http://fortune.com/sony-hack-part-1/](http://fortune.com/sony-hack-part-1/)

Target and Lowe's POS terminals were hacked because they were told to upgrade
their software to a newer version of the OS and they didn't do it. The CEO of
Target was canned as a result.

Many firms and other institutions love the power of computing without spending
the money and hiring the expertise needed to maintain the security. There are
private security contractors that these groups can hire _to ensure that their
environment is fully secure_.

In addition to financial audits, shareholders should insist on cyber security
audits to ensure that the firm or institution is acting in a responsible
manner.

Obviously acting in a responsible manner regarding Cybersecurity is not a
guarantee, but many cases of hackers breaking in are because of not even making
the attempt to be secure.

~~~
stefs
_fully secure_? aeh.

it's a tradeoff. you spend time, money and productivity loss (i.e. procedures)
on IT security to decrease the risk of a successful attack. every additional
dollar spent decreases the probability a bit further (if done right) but your
returns are diminishing. at some point it's not worth it anymore.

> "The TV5 attack fits into this pattern of highly-targeted attacks, rather
> than the kind of general criminal activity typically seen on the web."

in my opinion: no matter what kind of business you do, if you fall victim to
the "kind of general criminal activity typically seen on the web" you're
acting negligently.

then, after a certain point of increased protection attacks drastically
decrease for most businesses because you're not worth the time and money it
costs to attack you.

but fully secure? i mean, the stuxnet attack is the best counter example.

i compare it to healthy living: by investing time and money and refraining
from doing certain pleasurable things you're improving your health and
increase the chance to reach an old age. but it's no guarantee - you can still
get hit by a car or succumb to cancer at age 20 just due to bad luck.

~~~
davidf18
I think we agree. By doing your best to implement security measures (hire
cybersecurity consultants, install the software they recommend, etc.) you are
still exposed to risk, just significantly diminished since generally hackers
would go after easier targets.

At issue is that many firms do not implement these security measures at all.
The Sony people were repeatedly warned and had earlier breaches but didn't
want to spend the money it took to follow measures recommended to them until
after the attack. I think their mindset is not so unique and that many firms
aren't doing what they can to try to eliminate the breaches. In some cases,
the issues are internal, but in others customer lists are breached, etc. or
credit cards hacked as in Target, Lowe's, and others.

------
alva
Hijacking live broadcasts seems to be one of the ultimate hacker
accomplishments. There is something about it that is far more disconcerting
than just defacing a webpage. Seems like it would feel far more invasive,
popping on your living room tv. Would love to know how much someone like the
BBC spend on security, must be huge.

The most famous TV hack, Max Headroom [1] (NSFW), from what I recall involved
overriding the terrestrial signal, presumably with very powerful broadcasting
hardware. BBC are digital now, so I am surprised they haven't had a successful
incident yet.

[1]
[https://www.youtube.com/watch?v=tWdgAMYjYSs](https://www.youtube.com/watch?v=tWdgAMYjYSs)

~~~
joshstrange
I came across this a number of years ago and the wiki article is a very
interesting read [0]

[0]
[https://en.wikipedia.org/wiki/Max_Headroom_broadcast_signal_...](https://en.wikipedia.org/wiki/Max_Headroom_broadcast_signal_intrusion)

~~~
smoyer
And of course there was Captain Midnight!

[https://en.m.wikipedia.org/wiki/Captain_Midnight_broadcast_s...](https://en.m.wikipedia.org/wiki/Captain_Midnight_broadcast_signal_intrusion)

~~~
joshstrange
Also a very interesting story but Max Headroom will also stand alone IMHO due
to the person never getting caught and the seeming randomness of the whole
thing.

------
joezydeco
_"Any substantial delay would have led satellite distribution channels to
cancel their contracts, placing the entire company in jeopardy."_

Can someone explain that a little more? Are satellite carriage contracts so
twitchy that going dark on a channel for more than a few hours forfeits your
service?

~~~
epse
I don't know about France's laws but in Belgium radio silence and television
black are forbidden and you don't need to be down for an hour to lose your
license, and the carriers will in general ditch you really quickly AFAIK

~~~
gpvos
Okay, next question: why is that?

------
rasz_pl
"The attackers used seven different points of entry. Not all of them were part
of TV5Monde or in France. In one case, a company based in the Netherlands was
targeted because it supplied the remote controlled cameras used in TV5's
studios."

= cameras with a backdoo^^^^cloud integration/permanently connected to
manufacturer's server.

~~~
qb45
That's actually quite ironic. Selling some insecure hardware not only exposed
their clients, but also lured hackers to their own systems.

------
dredmorbius
I'd be really interested in seeing informed commentary on what is gained by
this.

In general, crippling hacks aren't terribly useful -- they're embarrassing and
harmful to the targets, especially in shaking confidence. But they're not
particularly useful to a general attacker. Having insider access to a
television or broadcast entity would itself be useful.

Other options might be to test (or prove) the capability to take a target
down, particularly in preparation for other more advanced capabilities.

The more successful parasites don't disable hosts, but hijack them to their
own ends. That is something I'd find more troubling.

Online searches don't show much at Schneier or other security-minded blogs. Am
I missing something?

I did find a Friday Squid discussion:
[https://www.schneier.com/blog/archives/2015/04/friday_squid_...](https://www.schneier.com/blog/archives/2015/04/friday_squid_bl_473.html)

------
woliveirajr
> And that is indicative of a new trend: attacks with physical-world
> consequences.

In general, I think all attacks made against computers have physical world
consequences. Time, money, disrupted services...

------
smoyer
The cost is $3m per year for each year after the attack for extra protection
... I'd argue they were discounting their security posture by $3m every year
before the attack.

------
TwoBit
I'm guessing they were targeted merely because they had poor security and
random scanning found a gaping hole.

------
etiene
Is no one paying attention to the fact that the guy is called Mr. Bigot? xD

