Filed under Security
Broadcast, email and social media systems all struck.
The
French government is calling an urgent meeting of the country's media groups
after a hacking attack on the country's TV5Monde network by a group affiliated
to Islamic State.
The
attackers took all 11 of the public broadcaster's TV channels off air from 10pm
Wednesday to 1am Thursday (local time) and seized control of its social media
accounts and website.
The
station's Facebook page carried messages reading "CyberCaliphate" and
"Je SuIS IS", along with copies of ID cards and other documents
purportedly belonging to relatives of French soldiers engaged in the battle
against Islamic State.
The
Paris prosecutor’s office has opened a terrorism investigation into the attack.
With
the assistance of the French National Information Systems Security Agency,
ANSSI, TV5Monde was able to begin broadcasting pre-recorded programs across the
channels from about 2am and has since regained full control of its channels,
which broadcast to more than 200 countries.
But
the station's website is still down and employees still have no access to email
almost 24 hours after the attack began.
CyberCaliphate
is the same name used by the attackers who took over the US military’s Central
Command social media accounts in January, and those of Newsweek
magazine in February.
But
IS expert Wassim Nasr told the France 24 English channel that there were
"weird" anomalies in the messages posted in French, Arabic and
English by the attackers, "including many things that cannot be said in
Arabic … it looks like Google Translate".
Christophe
Birkeland, vice-president of engineering at the US-based security firm Blue
Coat Systems, told The Guardian the "initial infection" was
"probably either someone’s stolen credentials, probably for remote
networking access, or the installation of a remote administration tool used to
access deeper and deeper levels of the network and attack systems. Both of
these attacks typically use social engineering."
Reports
suggest that TV5Monde's internal defences were not robust and once they had
gained entry to its networks, the attackers were able to reach the systems
controlling playout to air and live broadcasts.
"Social
engineering might be incredibly low-tech sometimes, but once you’ve got the
compromise, most security systems are not set up to deal with the idea of
someone using security credentials in a non-authorised way, which allows
attackers to reach even the deepest, most secure sections of a corporate
network, which is likely what has happened here," Blue Coat employee Robert
Arandjelovic toldThe
Guardian.
0 comments:
Post a Comment