Prepare for more cyberattacks like Eurovision: FireEye

Dubai: Last week, Israel was hit by a cyberattack when its webcast of the Eurovision Song Contest semi-final was hijacked to display animated images of explosions in host city Tel Aviv.

Kan, the national broadcaster, blamed Hamas militants for the attack.

Israel’s hosting of the annual European music competition drew widespread criticism, leading to calls for a pro-Palestinian boycott of the show.

Now, a cybersecurity expert from FireEye has said that broadcasters should be prepared for similar hacks in the future, especially at high-profile events such as the Olympics and the Fifa World Cup.

“If you want to draw global attention to a local conflict, it’s a really good platform to drive specific political messages or to cause confusion or panic within a society,” said Jens Monrad, FireEye’s head of intelligence for Europe, the Middle East, and Africa.

As a result, broadcasters “carry a larger responsibility today than they might be realising,” Monrad added.

Based on the current proliferation of fake news, he said, if broadcasters are “not able to protect their infrastructure to ensure that outsiders aren’t able to meddle with it,” then they risk having their credibility questioned by the public.

Viewers watching Kan’s live webcast of the competition last Tuesday saw the warning: “Risk of missile attack. Please take shelter,” accompanied by a fake Israeli army logo and the sound of a rocket-warning siren.

The technical details behind how the attack took place are still scarce. However, given most broadcasters’ migration from analogue to digital systems in recent years, Monrad said that media outlets needed to establish that security controls were in place to prevent unauthorised access to their digital infrastructure.

“Looking at what we’ve seen in the past, it could have been as easy as stealing valid credentials from someone who had access.”

Monrad said that he had not seen any evidence suggesting that the attack on the Israeli broadcaster was an attempt to hold the company at ransom, or extract sensitive information.

Instead, sowing discord or panic may have been the hack’s ultimate goal.

“This is not the first time we’ve seen interruptions in TV and online streaming in Israel, we had it in 2016 too … with a very strong political message,” he said.

Basic security controls, regular assessments of the broadcaster’s “crown jewels” and how to protect them, awareness training for staff, and having access to the right intelligence were all solutions to the threats posed by malicious groups, according to the expert.