If IT Vis Pacem, Para Bellum

Are we ready for international cybercrime?

“Si vis pacem, para bellum”: this phrase, coined by the Romans, probably in the fourth century A.D. by the writer Vegetius, is becoming more relevant every day. If you really want peace, get ready for war. The phrase, and all its derivatives such as “if you hope for the best, prepare for the worst”, are extremely topical.

We are living in a turbulent time where, if the pandemic has taught us anything, it is the importance of prophylaxis and safety. With the modern wars, we see a divided world that reminds us that the past is coming back and what was once the Cold War is lurking again.

In IT computer security, whether it is internal or external to our Broadcast audiovisual environment, it is very important to take special care in areas where you cannot fail, because if you fail “the dummy does not come out”.

Computer security, and one of its most popular branches, audiovisual cybersecurity, is a necessary reality for all companies whose assets are audio and video. Their core needs to be protected, and it is important to focus on this as soon as possible.

But how can we protect our audiovisual company? Whether it is a Broadcaster, a production company or a generator of audiovisual content, the security measures taken are those that the manufacturers indicate and sometimes allow. Put an antivirus here and there, a firewall here, a VPN, update this operating system (leaving a Windows NT or XP because the manufacturer doesn’t certify another OS) and little more… and that is if, as we say, the manufacturer or the dominant brand in the production solution allows us to do so and does not say that this configuration affects the performance of its solution.

Well, among all the possibilities that exist in the market, the first one that we must take into account is a scrupulous, conscientious and exhaustive computer security consultation and audit, which brings out the best and the worst that we have in our house. After this consultation we will be able to determine which are the most important vulnerabilities in our installation and configuration, or in our services. With this list of vulnerabilities, we will be able to apply a quick remedy in the simplest cases, and in the most complex cases, we will be able to draw up a plan to further shield the production, ingestion or archive systems.

How do we carry out this consulting? What type of services can we provide from Telefónica Servicios Audiovisuales (TSA)? From TSA, together with Telefónica Tech, we can offer an analysis of the computer security solutions and measures of the most important manufacturers in the Broadcast sector; identify the successes and strengths, as well as the weaknesses, in relation to computer security and audiovisual cybersecurity; perform white-box ethical hacking tests, which do not affect the performance of systems and services; and execute and emulate ethical penetration attacks, both internal and external, which give us an idea of where a cyber-attack could enter, whether from outside the house or from inside.

Another important factor that we must take into consideration is the data protection required by the European GDPR (RGPD) or the Spanish LOPDGDD. This data protection refers more to internal content containing sensitive personal information and to databases holding confidential information about any user. In production environments, when someone is recorded, consent must be sought for them to be identified and catalogued. If that person’s video has sensitive metadata that identifies the person with an email, phone number, or even biometric information, special care must be taken when it comes to computer security.

Another very important element that the pandemic has left us is teleworking, which requires a series of measures additional to those to which we were accustomed. Elements such as two-factor authentication to enter our systems, or VPNs, are easy-to-implement solutions that make unwanted intrusion difficult.

And don’t forget that today the mobile phone is one of the most used tools for work. In our environment, the smartphone is increasingly used in production or at some point in the workflow of our facility. This device must also be protected. To do this, there are a series of solutions that can be implemented on any operating system, be it Android, iOS or any other.

What type of attack can I suffer? A DDoS attack, for example, is a massive attack to destroy or take down a website, a streaming or OTT service, or any service you offer to the public, in which a massive flood of connections saturates the servers that deliver the content and blocks them, leaving them without service. To avoid this, there are different elements, such as load balancers, that prevent these types of attacks. Other more traditional threats, such as viruses, are addressed or prevented to a greater extent with EDRs (endpoint detection and response). It is vitally important to keep operating systems updated, so that security holes are patched as they appear, to avoid ransomware attacks, where vulnerabilities are exploited to penetrate our system and hijack data. Let’s keep in mind that the assets of an audiovisual company are its video files; without them there is no content to broadcast. At Telefónica Servicios Audiovisuales we have partners such as Cloudflare that can also add value to the defense solutions of our audiovisual installation.

We can suffer attacks that we still don’t know about today. In this field, at Telefónica we are even working with a Spanish partner to add a layer of cybersecurity through quantum computing. Without a doubt, the next attack can come from an entrance that we cannot even imagine right now, something simple. For example, there is a mistaken belief that Macintosh or Unix/Linux operating systems do not have viruses, something totally untrue. There are viruses, but they are less widespread, and these systems also have security holes through which an attack can penetrate a production network, through elements such as open Wi-Fi, a shared data network, tethering of a mobile phone, etc.

And, how do we protect obsolete equipment that we cannot stop using? That Windows Vista without patches, Windows 7 or even that old Windows XP that is obsolete and without updating, without Microsoft support… We protect that equipment by isolating it, with different VLANs with perimeter isolation, surrounded by Firewalls and Gateways for entry and exit. We protect Workstations, both in the office and at home, through special applications that monitor, control and review any input or output of material.

We must protect the contents, the audiovisual assets, the video or audio files that are the basis of the production work. There are a series of software applications on the market that protect and encrypt the files on storage systems and hard drives to prevent the leak of our assets. An example of this is the technology of our partner Quantum against ransomware.

We put additional layers of security at different points in the workflow that don’t hinder or slow down production. We protect content with encryption software on storage devices to guard against carelessness, loss or theft of information.

We must also protect sensitive in-house files. We protect not only video files but also Word, PDF and Excel documents, and SQL, Access or even Outlook databases. Our obligation is to put all the obstacles in place to prevent, for example, a disgruntled employee from taking away an entire database of clients, advertising or agencies. For this, there are access control solutions where, if a user is not authorized in the domain, they cannot access those files, even if the files have been copied to a hard drive or are in their personal cloud.

To close this article, let’s raise a reflection. Approximately 80% of cyber-attacks seek to take control of our company’s domain servers. Therefore, on this chess board, where “If IT Vis Pacem, Para Bellum” applies, the king and queen of our television are the domain servers, and we must protect them with all the necessary rooks, bishops and pawns.

Asier Anitua Valluerca

Business Development Manager