Pro-ISIS hackers have managed to take a French TV network off air, and hijack its website and Facebook page. 11 channels belonging to the French-language TV network, which broadcasts to more than 200 countries worldwide, stopped transmitting programmes after what was described as an "extremely powerful cyberattack". The TV network's director general, Yves Bigot, told the media (presumably those who were still able to broadcast the news) that it might take days for the station to recover:
"We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State."
Having commandeered TV5MONDE's social media accounts, the attackers posted threats against French troops, publishing documents purporting to be the ID cards and resumés of French soldiers involved in anti-ISIS operations.
Similar messages were also posted on TV5MONDE's website. Clearly this was a significant attack against the TV network, and one has to wonder whether the company had enough security measures in place to make it harder for hackers to compromise so many of its systems. For instance, was any form of two-step verification in place to prevent unauthorised users from logging into the company's Twitter and Facebook accounts? Was there any two-factor authentication or IP-checking in place to control who was able to remotely access the organisation's network servers and website backend? Since the height of the attack the situation has improved somewhat, although the main TV5MONDE website remains down for what I imagine is fairly critical maintenance:
Interestingly, the attack comes less than a week after a video was released, describing how Ericsson had been brought in to replace much of TV5MONDE's technical broadcast infrastructure. https://www.youtube.com/watch?v=O0YCpywVfD0 Not enough information has been released by the station regarding the nature of the attack, so it's far too early to pin any blame, but this clearly isn't the kind of advert that Ericsson was looking for. Those with long memories may recall that this isn't the first time that a TV station has been hit hard by online criminals. I am reminded somewhat of how the Zotob worm hit CNN hard ten years ago, disrupting programming. In the heat of the moment, CNN's Wolf Blitzer arguably overplayed the worm's worldwide impact, perhaps because his station's own newsroom was running Windows 2000 and was suffering so badly. https://www.youtube.com/watch?v=YgW7sP0GT1w A Moroccan court subsequently served prison sentences on Farid Essabar and his Achraf Bahloul in connection with the Zotob worm, and an alleged co-conspirator, Atilla Ekici, was apprehended in Turkey. Whether the authorities will be as successful in catching those responsible for the attack against TV5MONDE remains to be seen, but one would hope that such a high-profile hack has resulted in the authorities being called in and asked to investigate. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc.
