French telly station boss spills les haricots on what happened
France’s TV5Monde came “within hours” of being destroyed by hackers, according to the station’s boss.
TV5Monde was taken off air for hours in April 2015.
The interruption might have lasted longer but for the intervention of a techie who pulled the plug on a compromised system that was spreading malware, Yves Bigot, the director-general of TV5Monde told the BBC.
All 12 of TV5Monde’s channels went off air at 20:40 on Wednesday, 8 April 2015.
The first of the restored channels was only brought back at 05:25 the following morning by one of a team of technicians (fortuitously) on site at the time disaster struck.
“We were saved from total destruction by the fact we had launched the channel that day and the technicians were there,” Bigot explained.
A longer delay might have prompted satellite distribution channels to seek reparation from, or, worse, contract cancellations with TV5Monde, an existential threat for the TV station.
Hackers – who had penetrated the TV system network 10 weeks before launching an attack and only after careful reconnaissance – created custom software that hobbled encoder systems used to transmit programmes before striking in early April.
The hackers broke into TV5’s network using multiple points of ingress, including supplier networks such as the remote controlled cameras used in TV5’s studios.
Although the hack was ostensibly made by cyber-jihadists affiliated with IS, Russia (more specifically the APT 28 hacking crew) has since emerged as the prime suspect in the attack.
Some security experts reckon the Russians were testing out a capability against a live target.
The attack cost the TV station €5m ($5.6m) and left it with an increased reoccurring bill of €3m ($3.4m) for improved security controls. ®