NINE has confirmed that a cyber-attack affected its television network which was unable to broadcast Weekend Today on Sunday morning.
While NINE was able to get the NRL to air, 9News, Sydney did not go to air at 6pm viewers were advised that their bulletin was coming out of the Melbourne Studios, with the Melbourne Weekend NEWS reader Alicia Loxley.
In a memo to staff, Nine’s Director. People & Culture, Vanessa Morley, said “Our IT teams are working around the clock to fully restore our systems which have primarily affected our Broadcast and Corporate business units. Publishing and Radio systems continue to be operational.
“While our IT teams work through this issue, we ask that all employees, in all markets, work from home until further notice.”
Staff were further advised that if they needed to come into the office, to expect disruption to the NINE IT network although, emails did not appear to have been impacted.
Subscribe to the radioinfo podcast on these platforms: Acast, Apple iTunes Podcasts, Podtail, Spotify, Google Podcasts, TuneIn, or wherever you get your podcasts.
Interruption of a broadcasting by electronic intrusion into the broadcaster's facilities has been occurring for decades. For example, in the US, HBO's main program was substituted for five minutes with the intruder's message. The perpetrator was caught and prosecuted. The Wikipedia article gives more examples of interruption to broadcasts by intrusion, https://en.wikipedia.org/wiki/Broadcast_signal_intrusion.
Nine's situation involved a person hacking its studio playback and distribution system https://itwire.com/networking/cisco%E2%80%99s-digital-infrastructure-built-on-ip-fabric-to-provide-increased-efficiency,-agility-and-flexibility.html.
Whether the main program was substituted with the intruder's message or in Nine's case the disruption of the program by the network's inability to transmit its program material must have knowledge of the technology used to transmit the program material in order to interrupt the broadcast.
In this case, somebody must have knowledge of the Cisco system used at the Nine Network.
Accordingly, the person who committed the latest intrusion must be apprehended. The Nine Network is correct ask for the assistance of agencies of the Federal Government specialised in cyber security,
reference, https://www.smh.com.au/business/companies/nine-s-weekend-today-fails-to-air-due-serious-technical-issues-20210328-p57ep5.html .
In the physical world, broadcasters employ security guards to reduce the risk of unauthorised people from entering the broadcaster's premises. In the cyber world, more resources are needed to be spent on IP security of broadcasting equipment connected to the internet.
All of us mere mortals with devices connected to the internet have anti-virus, anti-intrusion, anti-malware and anti-spyware software. Why not businesses and public agencies?
Thank you,
Anthony of thoughtful Belfield
https://itwire.com/networking/cisco%E2%80%99s-digital-infrastructure-built-on-ip-fabric-to-provide-increased-efficiency,-agility-and-flexibility.html is an interesting read.
Any mission critical system must not be connected to the internet due to the possibility of cyber attack. Now the predictable has happened. It hasn't happened before because programs only flowed on dedicated digital communications where the provider authorises access such as Telstra's Digital Video Network. Not being connected to the internet means it cannot be hacked unless a TV station uses computers which are also connected to the internet.
Thus playout computers must not be connected to the internet but dedicated data circuits. Ingestion can be from the internet into a separate computer. The play out computers should only be able to extract files from the ingestion computer by file names only. These files are video/audio/subtitle files and will not be .exe files which can affect the operation of the controlling computers.
It will mean that maintenance will have to be performed on site and not remotely via the internet!
Fully agree with Mr St. John.
Before the availability of IP networks as a method of distribution of audio and video information, The PMG/Telecom Australia/Telstra had a separate audio and video distribution divisions, Sound Operations Centre (SOC) and Television Operations Centre (TOC), respectively. So TV content would arrive as audio and video lines from SOC and TOC.
In addition for a brief period of time, Integrated services digital network (ISDN) was a method of conveying digital information over the publicly switched telephone network.
Now, broadcasters use IP to convey broadcast content. To illustrate, a major provider of outsourced outside broadcasting (OB) facilities distributes its content, 100% IP at gigabit rates, https://www.nepgroup.com.au/project/andrews-hubs and https://www.nepgroup.com.au/services/centralised-production .
New methods of conveying broadcast intelligence require new methods of securing the networks and maintaining the networks' security. It requires investing in 'resources' in personnel and security methods in hardware and software.
Thank you,
Anthony of "...there's nothing new under the sun..." (Ecclesiastes 1:9) OR "...everything old is new again..." (Peter Allen) regarding methods to protect facilities, Belfield