Cyber Attacks on News Organizations: ISIS Changes Tactics to Win Mindshare

As part of its arsenal of battlefield tactics, the Islamic State (ISIS) has added cyber-attacks to its list. By hacking into news organizations throughout the world, the terrorist organization has launched incredibly disruptive attacks in France, the United Kingdom, the United States and Iran, as attempts to eliminate the freedom of the press and manipulate the views shared by the media. Over time, each of these attacks were mitigated. However, these breaches demonstrate a number of key exposures that exist, such as social engineering that helped the hackers place malicious malware, and gave validation to a new battlefield front. Regardless of the fight associated with ISIS, newsrooms are destined to continue as a rich target in future conflicts.

Is a Large-Scale Newsroom Hack Inevitable?

The reason why newsrooms are a perfect soft-target for cyber criminals is that they yield a large payoff. Success for a newsroom breach hinges on instant availability and by halting the dissemination of information. Newsrooms that cannot provide “breaking” news (or any news for that matter) can lose share and their reputation falters. As a result, this diminished level of reliability can cause their business to decay.

Newsrooms are inherently vulnerable as they do not house strong teams of Information Security personnel, nor do they generally possess the world-class tools and architectures needed to defend against sophisticated cyber-attacks. A typical network security tool newsrooms have is perimeter protection, a technology that is an eroding concept. They need to review the impact of today’s standard application security approaches, such as the growing use of cloud technology that can help protect against top-level attacks such as advanced persistent threats, intrusions, distributed denial of service (DDoS) and other forms of highly technical attacks. To properly defend themselves, newsrooms need to implement a much more robust security fabric with higher levels or processes and security.

Given the confluence of motive, impact and vulnerability, the groundwork has been laid for more attacks to occur with increasingly damaging effects.

Are There Precautions Newsrooms Should Be Taking Now?

As the threat landscape is transforming just as quickly as technological advances in network protection, newsrooms must act quickly to assess their ability to withstand cyberattacks. Implementing the following strategies can help to bolster defenses.

Identify the requisite defense technologies that can aid in repelling potential attacks.
Secure the necessary resources needed in the event of a long term attack.
Establish recovery plans. This is vital if an outage occurs or in the event that news content is manipulated.
Implement intelligence functions to alert rising or impending risks.
Launch risk review processes and update them as needed.

What are the Short-Term and Long-Term Effects of Newsroom Hacks?

Should attacks on news organizations continue, the likely consequences that can occur if perpetrators successfully execute are three-fold. In the short-term, you may see the unavailability of news for hours, days, or longer. In the long-term, increased hacker-confidence from achieving a successful cyber attack, as well as altered news reports that impact a new organization’s credibility, are potential risks.

Just recently, hackers sympathetic to ISIS successfully cut the transmission to multiple channels of France’s TV5 Monde and took over their website and social media channels. Despite the short-term impact of the disruption (less than 24 hours), the long-term impact of such a large-scale attack can easily embolden terrorists to strike in a similar fashion using this as a “template” for future attacks. They can then refine the attack methods for even greater effectiveness for more extended periods of time.

In 2013, the Twitter account of the Associated Press was hacked into, and false reports of an explosion in the White House injuring President Obama caused a temporary tumble in the stock market. This is evidence of another core long-term issue that relates to the dangers posed by future attacks – the manipulation of information that resides on media platforms that are viewed as credible sources. Casting false reports on websites or via social media accounts can cause a level of mayhem and endanger those who consume the news through these channels.

Current technology shifts have changed what leaders of news organizations have come to expect from IT, and they have also disrupted many of the commonly accepted security models. These changes have resulted in complications for newsroom security professionals dealing with different operating environments and have also contributed to a loss of visibility to the overall business picture. News organizations need to have the ability to detect threats with high quality in one location and react to those revelations in all operating environments in real-time. They can then orchestrate changes to the affected systems quickly and universally.

Information is power and newsrooms need to invest in strong protocols and shore up their defenses in order to protect the information they report to the public. Credibility and reliability are mainstays of the media, and it is important to ensure neither is tarnished. The need to secure the network infrastructure of news organizations is paramount, and unfortunately, time is not on their side.

Carl Herberger is the Vice President of Security Solutions at Radware, a leader in application delivery and security solutions that assures the availability, performance, and resilience of business-critical applications for over 10,000 enterprises and carriers worldwide. A recognized information security expert, Herberger draws on his extensive information security background in both the private and public sectors. He began his career in the U.S. Air Force as a computer warfare specialist at the Pentagon and managed critical operational intelligence programs aiding both the National Security Council and Secretary of the Air Force. Herberger founded Allied InfoSecurity and held executive security positions at BarclayCard US, SunGard and Campbell Soup Co.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.