I was at a security conference recently, and a representative
of a television station approached me. He had seen coverage of the hack of the French television station TV5Monde by ISIS and needed to know what he could do
to prevent a similar incident at his own station.
I admit that, when I first saw coverage of the attack on the TV station, I dismissed it as yet another IT network breached that was not directly relevant to Waterfall's focus on industrial control systems.
The security manager from the TV station, though, explained to me that, in fact, the station had a control system and leased network connections for its physical broadcast towers, controlling characteristics of the physical broadcast and, of course, feeding signal into the towers to broadcast. Much of the signal is recorded, but some of it is live. The station never wants a cyber assault to hijack its signal the way TV5Monde was hijacked, right through what the TV5Monde described as a "very strong firewall."
The more I heard, the more it became clear that this was a classic control system problem. The computer control system controlled the physical broadcast and needed continuous communications with corporate monitoring and billing systems. The system also had occasional needs to pick up new, approved, recorded video content from external sources, and to receive live feeds for broadcast. Unidirectional gateways support continuous monitoring without introducing vulnerabilities that always come with firewalls. The FLIP enables occasional updates of scheduled, recorded material in a queue for broadcast, and a variety of mechanisms support occasional live broadcasts, depending on circumstances of the broadcast and the source of the live feed.
Targeted attacks are everywhere nowadays. It seems not even television stations want to entrust their broadcasts and their reputations to firewalls any more.
I admit that, when I first saw coverage of the attack on the TV station, I dismissed it as yet another IT network breached that was not directly relevant to Waterfall's focus on industrial control systems.
The security manager from the TV station, though, explained to me that, in fact, the station had a control system and leased network connections for its physical broadcast towers, controlling characteristics of the physical broadcast and, of course, feeding signal into the towers to broadcast. Much of the signal is recorded, but some of it is live. The station never wants a cyber assault to hijack its signal the way TV5Monde was hijacked, right through what the TV5Monde described as a "very strong firewall."
The more I heard, the more it became clear that this was a classic control system problem. The computer control system controlled the physical broadcast and needed continuous communications with corporate monitoring and billing systems. The system also had occasional needs to pick up new, approved, recorded video content from external sources, and to receive live feeds for broadcast. Unidirectional gateways support continuous monitoring without introducing vulnerabilities that always come with firewalls. The FLIP enables occasional updates of scheduled, recorded material in a queue for broadcast, and a variety of mechanisms support occasional live broadcasts, depending on circumstances of the broadcast and the source of the live feed.
Targeted attacks are everywhere nowadays. It seems not even television stations want to entrust their broadcasts and their reputations to firewalls any more.
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.