Cyber security is a critical component in modern broadcast infrastructures. Reliance on IP networks inevitably leads to a much wider exposure of vulnerabilities to the outside world. Add remote production into the mix, and the potential for security to be compromised multiplies.
“Broadcast is considered a particularly fertile ground for some types of attacks due to its ability to instantly reach very large audiences,” warns Geoffrey Crespin, senior solutions architect at live production vendor EVS. “Causing transmission loss during a live event watched by billions is certainly an appealing prospect for many hackers out there.”
EVS outlines the pathway to ensuring cyber security in live production workflows in a new white paper, “5 steps to make live production workflows cyber-secure.”
The first step is to know which equipment must be protected. And that means all hardware and virtual (VM and cloud) assets on your networks — from the humble office printer to the latest high-spec super slo-mo camera equipment.
Keeping an inventory may seem obvious but given the amount of equipment used in live production environments and stored ready for deployment, it can seem a daunting task. However, by closely managing all hardware on the network — both IT and broadcast devices — it is easier to spot rogue assets and remove or isolate them.
Crespin says, “Whether you rely on manual lists or use asset discovery and software inventory tools, the core security principle is simplicity. If software is unauthorized, it should not be installed. If an asset is not needed, that asset should not present on the network. If it is not present, it can’t cause a security risk.”
Once you understand the hardware and software you need to protect, it’s essential to know who has access to and uses those systems and applications, he says.
“The most common attacker techniques take advantage of uncontrolled administrative privileges, so keep access in check. If logging and analysis of events is not present, it allows attackers to hide their location, malicious software, and activities on victim machines.”
Broadcasters are further advised to ensure the network itself is protected. Obvious perhaps, but modern broadcast IP architectures are complex. Workflows rely on ethernet networks to provide the scalability and bandwidth to manage devices, assets, data, applications, users and locations — all interconnected and communicating with the external world.
“Whilst each organization must take responsibility for its own security policies, the burden of cyber-threats is one that is shared across the broadcast and media community, so you’re not facing it alone,” he says.
Broadcasters are working with industry bodies such SMPTE and the European Broadcast Union (EBU) to push cyber security due diligence to the top of the agenda for manufacturers, services providers, systems integrators and users alike.
“All workflows and customers are different so the risk factors and needs will also differ every time. However, applying international security standards and following the recommendations published by industry bodies means laying a solid foundation for a future-proof, cyber-secure infrastructure.”
With the growth of remote production, the need for content to be widely shared between collaborators in different physical locations, and the increasing number of services running in the cloud, internet-facing applications are flourishing.
These programs are designed to be accessible from within the internal network but also available to the outside world through web interfaces, providing a wider attack surface for cyber criminals.
To prevent unauthorized access, companies need to make sure all exposed entry points like user interfaces and interconnections with thirds parties are fully protected before the application goes live.