Cyber Attacks on News Organizations: ISIS Changes Tactics to Win Mindshare
As part of its arsenal of battlefield tactics, the Islamic State (ISIS) has added cyber-attacks to its list. By hacking into news organizations throughout the world, the terrorist organization has launched incredibly disruptive attacks in France, the United Kingdom, the United States and Iran, as attempts to eliminate the freedom of the press and manipulate the views shared by the media. Over time, each of these attacks were mitigated. However, these breaches demonstrate a number of key exposures that exist, such as social engineering that helped the hackers place malicious malware, and gave validation to a new battlefield front. Regardless of the fight associated with ISIS, newsrooms are destined to continue as a rich target in future conflicts.
Is a Large-Scale Newsroom Hack Inevitable?
The reason why newsrooms are a perfect soft-target for cyber criminals is that they yield a large payoff. Success for a newsroom breach hinges on instant availability and by halting the dissemination of information. Newsrooms that cannot provide “breaking” news (or any news for that matter) can lose share and their reputation falters. As a result, this diminished level of reliability can cause their business to decay.
Newsrooms are inherently vulnerable as they do not house strong teams of Information Security personnel, nor do they generally possess the world-class tools and architectures needed to defend against sophisticated cyber-attacks. A typical network security tool newsrooms have is perimeter protection, a technology that is an eroding concept. They need to review the impact of today’s standard application security approaches, such as the growing use of cloud technology that can help protect against top-level attacks such as advanced persistent threats, intrusions, distributed denial of service (DDoS) and other forms of highly technical attacks. To properly defend themselves, newsrooms need to implement a much more robust security fabric with higher levels or processes and security.
Given the confluence of motive, impact and vulnerability, the groundwork has been laid for more attacks to occur with increasingly damaging effects.
Are There Precautions Newsrooms Should Be Taking Now?
As the threat landscape is transforming just as quickly as technological advances in network protection, newsrooms must act quickly to assess their ability to withstand cyberattacks. Implementing the following strategies can help to bolster defenses.
- Identify the requisite defense technologies that can aid in repelling potential attacks.
- Secure the necessary resources needed in the event of a long term attack.
- Establish recovery plans. This is vital if an outage occurs or in the event that news content is manipulated.
- Implement intelligence functions to alert rising or impending risks.
- Launch risk review processes and update them as needed.
What are the Short-Term and Long-Term Effects of Newsroom Hacks?
Should attacks on news organizations continue, the likely consequences that can occur if perpetrators successfully execute are three-fold. In the short-term, you may see the unavailability of news for hours, days, or longer. In the long-term, increased hacker-confidence from achieving a successful cyber attack, as well as altered news reports that impact a new organization’s credibility, are potential risks.
Just recently, hackers sympathetic to ISIS successfully cut the transmission to multiple channels of France’s TV5 Monde and took over their website and social media channels. Despite the short-term impact of the disruption (less than 24 hours), the long-term impact of such a large-scale attack can easily embolden terrorists to strike in a similar fashion using this as a “template” for future attacks. They can then refine the attack methods for even greater effectiveness for more extended periods of time.
In 2013, the Twitter account of the Associated Press was hacked into, and false reports of an explosion in the White House injuring President Obama caused a temporary tumble in the stock market. This is evidence of another core long-term issue that relates to the dangers posed by future attacks – the manipulation of information that resides on media platforms that are viewed as credible sources. Casting false reports on websites or via social media accounts can cause a level of mayhem and endanger those who consume the news through these channels.
Current technology shifts have changed what leaders of news organizations have come to expect from IT, and they have also disrupted many of the commonly accepted security models. These changes have resulted in complications for newsroom security professionals dealing with different operating environments and have also contributed to a loss of visibility to the overall business picture. News organizations need to have the ability to detect threats with high quality in one location and react to those revelations in all operating environments in real-time. They can then orchestrate changes to the affected systems quickly and universally.
Information is power and newsrooms need to invest in strong protocols and shore up their defenses in order to protect the information they report to the public. Credibility and reliability are mainstays of the media, and it is important to ensure neither is tarnished. The need to secure the network infrastructure of news organizations is paramount, and unfortunately, time is not on their side.