Breach allegedly via a VPN through one of TV5's subcontractors. This is "one of the reasons we recommend clients have a separate channel for incident response," says Brian Honan, who heads Dublin-based information security firm BH Consulting, via Twitter.ĪPT28 recon apparently started on (2+ months before main op). "To cover the main sabotage op, attackers seem to have planned follow-on ops against internal messaging to slow down TV5's" incident response. "Once inside TV5's network, the intruders used one of two camera-control servers as a beachhead for privilege escalation," Thomas Rid, a professor of war studies at King's College London, says via Twitter. Many initial news reports ascribed the takeover to terrorists.ĪNSSI says its investigation has concluded that the attackers' goal, from the beginning, was to sabotage TV5Monde's network. Just a few hours prior to that sabotage, which involved knocking multiple channels offline, the attackers compromised multiple TV5Monde social media accounts.Īfter knocking 12 TV5Monde channels off the air, the hijacked broadcaster's social media accounts - Facebook, Twitter and YouTube - and website began to display jihadist propaganda messages from a previously unknown group, which called itself the CyberCaliphate. One of the major takeaways from the investigation is that the attacker, or attack group, conducted reconnaissance inside the TV5Monde network for three months, following its initial access, before launching its sabotage operation. In its presentation, ANSSI thanked TV5Monde for allowing the information about the investigation to be released publicly, saying that unlike many organizations, the broadcaster was doing so to help others to better protect themselves. In April 2015, online attackers sabotaged French broadcaster TV5Monde, knocking 12 of the broadcaster's channels offline for 18 hours.īut details about how the attack unfolded have just come to light, thanks to a presentation delivered by ANSSI - France's national cybersecurity agency - at an information security symposium held last week in the French city of Rennes. The results of the attack have been well-publicized. See Also: Live Webinar | Unmasking Pegasus: Understand the Threat & Strengthen Your Digital Defense New details have emerged relating to a hack attack against French broadcaster TV5Monde, which resulted in multiple television channels going dark as well as social media channels run by the broadcaster being hijacked and used to spew apparent jihadist propaganda. ![]() The TV5Monde sabotage manifested as multiple black screens of death for the broadcaster's channels.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |