FYI.

This story is over 5 years old.

Tech

ISIS Wannabes Know that 'Hacking' Media is the Best Way to Get Attention

And they're not even the first ones to hack TVs.
Image: schmilblick/Flickr

On late Wednesday a group of hacker that claims to be affiliated with the militant group known as ISIS broke into the computer systems of a French television network, blacking out its channels and defacing its website and social media accounts.

Apparently someone

— Macky Knife (@NextDoorArab)April 8, 2015

The hack was apparently carried out by the same ISIS fanboys hacking group that calls itself "CyberCaliphate," and has claimed other high-profile victims such as Newsweek, CENTCOM's Twitter account as well as seemingly random targets such as The Albuquerque Journal, and a Maryland CBS affiliate.

Advertisement

While some called the hack on the French network TV5Monde "unprecedented," this is actually not the first time hackers messed with a TV channel.

In 2013, hackers accessed the Emergency Alert Systems of two local tv stations in Michigan, broadcasting ominous, albeit fake, alerts about a zombie apocalypse.

"Civil authorities in your area have reported that the bodies of the dead are rising from their graves and attacking the living," a voice announced over regular TV programming.

Last year, Rahul Sasi, a security researcher in India, showed that he was able to hack a local cable TV network to replace the regular programming with an Anonymous-style announcement. Sasi worked for more than eight months with a local cable TV provider to study the vulnerabilities of TV networks, and he found out that there were multiple ways of hacking them taking advantage of "insecure designs, bugs, and practical exploits."

Perhaps the first TV dates as far back as 1987, when someone interrupted a popular sportscast on a Chicago station, replacing it for a few seconds with a man headbanging in front of a camera wearing a disturbing mask of Max Headroom, a cult fictional British VJ. To this day, this legendary hack is still shrouded in mystery, as the culprits were never caught or even revealed.

Obviously, the hack on TV5Monde is a "big deal" because it forced multiple channels owned by a large TV network to go dark, according to Mikko Hypponen, a noted security expert and chief research officer for F-Secure.

Advertisement

But it's also obvious that the best way to get media attention is to hack the media. Just think of what the Syrian Electronic Army, a well known pro-Syrian government hacking collective, has been doing for more than two years now, hijacking news organizations' Twitter accounts. Those incidents were always widely covered, even when they didn't really make any damage (apart from the time a Associated Press tweet posted while the account was hijacked sent the stock market tumbling).

"Everything is a bigger deal when it happens to you."

Graham Cluley, a well-known security expert, put it best in a blog post commenting on the hack on TV5Monde: "Everything is a bigger deal when it happens to you."

He was actually referring to the time CNN and other TV stations had their programming disrupted by a computer worm known as Zotob in 2005. When it happened, CNN ran a breaking news segment on it, even if "probably wasn't as big a deal as they made out," as Cluley put it.

But that applies to the spectacular hack on TV5Monde as well, where it's also probably not as big a deal either because the hackers likely took advantage of the TV network's poor security.

"Chances are that they've used the same kind of basic social engineering tricks, phishing campaigns to steal passwords and so forth to grab the details of the TV station and then cause mayhem," Cluley told Motherboard. "Most likely, basic security measures such as better user authentication would have saved TV5MONDE's ass."

"When everything is connected, everything is at risk."

If anything, the hack on TV5Monde is a reminder that in this day and age, digital security is important, not just for companies holding precious trade secrets, but for anyone, even journalists. It's a reminder that as more things get connected to the internet, they get more hackable.

We have seen over the past few years broadcasters moving their networks to IP based systems which are connected to the internet through their traditional IT networks," Ken Westin, a security analyst at Tripwire, told Motherboard. "When everything is connected, everything is at risk."