Yves Bigot - bet he's not biased :-)
France’s TV5Monde came “within hours” of being destroyed by hackers, according to the station’s boss. TV5Monde was taken off air for hours in April 2015. The interruption might have lasted longer but for the intervention of a techie who pulled the plug on a compromised system that was spreading malware, Yves Bigot, the …
Monday 10th October 2016 18:34 GMT Gene Cash
Tuesday 11th October 2016 00:39 GMT P. Lee
> The attack cost the TV station €5m ($5.6m) and left it with an increased reoccurring bill of €3m ($3.4m) for improved security controls.
Or maybe it should have already spent that money but didn't? I'm not sure the attack cost them that, it was the lack of defences. Was the attack really so bad that they needed on-site personnel to unplug the device? No remote switch-port management? No VLAN reconfiguration could have done it?
Is the recurring $3.4m up from $3.39m which is their normal IT security spend?
If an attack costs $5.6 to clean up, your security infrastructure wasn't right to start with. Assume you are going to get hacked. Assume you will need to rebuild everything. Segment your data, segment your access. Know what you have and what happens if you lose it. Now, what infrastructure do you need?
Tuesday 11th October 2016 08:03 GMT Voland's right hand
You are looking at the typical attitude of the person in his position which sees this as a non-essential, unpleasant and unwanted overhead instead of an essential cost to doing business.
Looks like he has not learned that in his business the uptime and reputation are everything and the costs to protect either are essential costs. Not unwanted additional overheads - they should have been budgeted and paid in _ADVANCE_.
So IMHO there will be more of the same here. It is only a matter of time.
Tuesday 11th October 2016 09:09 GMT Warm Braw
uptime and reputation are everything
TV5Monde is, to all intents and purposes, a consortium of francophone state TV stations trying to push a cultural/political agenda in the same was as the BBC World Service does. There's a limit to how much money their parent broadcasters are prepared to spend on what is for them a non-core activity, much in the same way that there is a limit to the amount the BBC was prepared to spend to overcome jamming.
And that's precisely the point of these kind of attacks - to raise the "cost of doing business" to a point at which it isn't actually worth doing the business.
Tuesday 11th October 2016 07:35 GMT Oh Matron!
Tuesday 11th October 2016 10:00 GMT Squander Two
> Listening to the interview yesterday, it was "indicated" that the attack was by the cyber-jihadists, with later investigations showing it was Russian linked
Yes, I thought that too. Although I didn't get it from hearing the interview. I got it by continuing to read this article all the way to the end.
Tuesday 11th October 2016 08:20 GMT Bob Rocket
Coincidently there were some technicians on site who just happened to turn on a new channel when the whole thing went tits up, that was lucky because one of those technicians managed to pull the plug before any more damage was caused.
Now call me a conspiracy theorist if you like but I'd suspect the technician. (but wouldn't be surprised if said technician tried to blame the bogeyman)
Tuesday 11th October 2016 16:28 GMT Anonymous Blowhard
Tuesday 11th October 2016 19:38 GMT Bob Rocket
Media company with crap security and no DR
waits six months to announce the bad guy du jour did the dirty
'The perpetrators had first penetrated the network on 23 January. '
and nobody noticed until
8 April when the network went down.
'staff had to return to using fax machines as they could not send emails.'
'We had to wait for months and months before we reconnected to the internet'
this one is the killer though
'Special authentication procedures are needed to check email from abroad, flash drives have to be tested before being inserted.'
What's the likelihood that someone clicked on an email link for a kitten picture or plugged in an infected flash card sometime before 23rd Jan.
Of course it is entirely possible that the devil Putin himself hacked into some frog TV station from his desk one night between eating babies.
Tuesday 11th October 2016 21:11 GMT Anonymous Coward
The BBC article has a lot more detail
@Anonymous Blowhard: "The BBC article has a lot more detail, and attributes the damage to APT28 AKA Fancy Bear."
"The attack used highly targeted malicious software to destroy the TV network's systems." ref
A bit scarce on the actual technical details.