Search This Blog

France’s TV5 was saved by unplugging infected box

French TV network, TV5Monde was nearly destroyed by a powerful cyber-attack when it was taken off air in April 2015, said it’s director-general, Yves Bigot.

Cyber caliphate, linked to the Islamic state claimed the initial responsibility for the attack but further investigation revealed the attack was carried out by a group of Russian hackers who targeted malicious software to destroy the TV network’s systems. Some security experts reckon the Russians were testing out a capability against a live target.

All 12 channels of the TV network went off air at 20:40 (IST 00:10) on April 08 last year for hours which could have lasted much longer had a techie not disconnect a compromised system from internet which was spreading malware. The first of the restored channels was only brought back at 05:25 (IST 8:55) the following morning by the techie team present on the site of disaster. Any substantial delay might have prompted satellite distribution channels to seek reparation from or cancel their contracts with TV5Monde.

On the day this incident happened, a new channel was launched and French ministers had been in attendance at the Paris headquarters.

Ten weeks before launching this attack, the hackers had penetrated into the TV system network using multiple points of ingress including remote controlling cameras and created custom software that hobbled encoder systems used to transmit programmes. The perpetrators had first penetrated the network on 23 January.

The attackers used seven different points of entry. Not all of them were part of TV5Monde or in France. In one case, a company based in the Netherlands was targeted because it supplied the remote controlled cameras used in TV5's studios.

The attack cost the TV station €5m ($5.6m) and left it with an increased reoccurring bill of €3m ($3.4m) for improved security controls.
Share it: