EVS cyber preparation for events
Posted on Jul 15, 2021 by FEED Staff
A new security expert at EVS cyber defence is determined to enhance the broadcast industry
Geoffrey Crespin came to the media and entertainment industry as an outsider, bringing with him years of experience in cybersecurity across multiple sectors. As a result, he can give a clear-eyed, unsentimental assessment of how we are doing.
“This industry is five or ten years behind compared to the traditional IT cybersecurity world,” he says. “It’s now just starting to realise that vendors and customers have to put cybersecurity measures in place.”
Crespin worked as a cyber defence consultant for over a decade (with high-level clearance), for European governments, institutions and private companies. Over the years, he began to work for telcos including Proximus, Belgium’s largest mobile
telecommunications company. He joined EVS as a senior solutions architect in the summer of 2020.
As part of the new EVS cyber security strategy, Crespin will help EVS customers address and prepare for every aspect of an ever-growing array of security threats. Making a difference is somehting that he is enthusiastic about. “EVS has a great plan for fixing vulnerabilities in broadcast technology products across the industry,” explains Crespin.
Facing the threats
As the number of connected devices on production grows – along with the number of people potentially able to access those devices – so does the cybersecurity threat. As we’ve seen over and over again, it only takes one person in an organisation to click a link or download a file to create system-wide chaos. Ransomware is still one of the most basic, and common, types of attack.
“Ransomware can target anyone, not just the broadcast sector,” explains Crespin. “As soon as you expose a service or a server on the internet, you face those kinds of threats.”
Broadcast, because of its power to affect and engage large audiences, has a special appeal for certain types of assailants. EVS customers working on global events, often being watched by billions of people, have to be meticulous about cyber defence.
“We decided to provide cybersecurity services specifically for these types of events,” says Crespin.
“They can be targeted by criminal organisations wanting money, but also by nation-state actors.”
This industry is maybe five or ten years behind
He points to a famous incident a few years ago, where the entire IT system of a global broadcast was taken down by a massive cyberattack on the first day of the event. The infrastructure had been infected by pernicious malware, ultimately forcing the event’s technology teams to close the whole IT system and restore it from backups. The attack also extended to other affiliated companies, including those providing tech support.
“We have to be prepared. The attack surface is so large in these events and attackers try to exploit any existing vulnerability. It could be via a tech company or provider – we don’t know,” says Crespin.
New tech, new danger
Crespin notes that these threats have been further enabled by new technologies. Part of his job at EVS is to assess the security of each of the company’s products.
“There’s a big difference between now and ten years ago. We have more and more devices on the internet, as well as internet-facing applications. In the past, it wasn’t a big problem, because things were connected between OB trucks via SDI cables, and the attack surface was very limited.”
While a certain product or provider may have top-level security features, today’s workflows are inevitably made up of long chains.
These chains are only as strong as their weakest link. Interestingly, Crespin sees no difference in cyber vulnerabilities between cloud and non-cloud workflows – the cloud isust one more network location.
“When EVS provides a service, we put in place firewalls, switches and other types of servers, like streaming servers. We recently saw attempted attacks, which were blocked by our security products, trying to exploit vulnerabilities in firewalls. Then we saw the NSA had published an article about state actors trying to exploit this specific vulnerability, which we had spotted previously in our sniffer.“
He adds: “Bad actors aren’t just targeting specific products to attack them, they’re performing reconnaissance to learn what is vulnerable – and they try to exploit it. We not only have to be careful with our past products, but the complete workflow chain.”
Crespin notes that cybersecurity is no longer just an option. It’s becoming an essential part of any broadcast-industry contract. Customers are now requesting their vendors are fully compliant with security standards – and if they aren’t, they will take their business somewhere else.
“If a vendor isn’t compliant, they are out. That’s it. Customers have seen more and more cyberattacks, and have realised the impact.”
This article first featured in the Summer 2021 issue of FEED magazine.