French TV station's systems severely damaged in cyber attack

The French TV station TV5Monde suffered a major cyber-attack on the evening of the 8th of April resulting in all of its eleven channels being taken off air for three hours. At 10:00 p.m. Paris time the eleven channels for TV5Monde, which reach over 260 million people worldwide, went blank. At the same time the station's Facebook page was hijacked and its website defaced.

The TV channel's Network Director General, a Mr. Yves Bigot, said "We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State. "

Mr Bigot highlighted that the station lost control of its TV station, website, and its social media channels and that they were "severely damaged" due to an "unprecedented attack".

The attackers claimed to belong to ISIS and posted personal information, such as CVs and identify cards, of the relatives of French soldiers serving in the coalition fighting against ISIS. There were also threats made against those French troops.

Some of the messages read "Soldiers of France, stay away from the Islamic State! You have the chance to save your families, take advantage of it," and "The CyberCaliphate continues its cyberjihad against the enemies of Islamic State,"

In a reference to the terrorist attacks against the French satirist magazine Charlie Hebdo earlier this year a message on the station's Facebook page criticising France's involvement in the fight against ISIS saying "That's why the French received the gifts of Charlie Hebdo and Hyper Cacher in January,"

The station's regained control of their channels by 1:00 a.m. but Mr. Bigot stated that it could take hours if not days to resume normal broadcasts. TV5Monde regained control of their social media accounts by 2:00 a.m. but the station's website was still offline 14 hours (13:00 9th April)) after the attack displaying the message "Nous sommes actuellement en maintenance. Merci pour votre patience."

This is not the first time pro-ISIS hackers have taken over prominent websites to promote their messages of support for ISIS. In January of this year the official Twitter account for the U.S. Central Command (CENTCOM) was compromised, in March NBC news reported that the FBI was investigating the hijacking of numerous western websites by pro-ISIS supporters, and just two days ago the FBI issued an advisory stating that pro-ISIS sympathisers were exploiting Wordpress plugins to hijack websites.

In that advisory the FBI states the attacks are not targeted and that "the perpetrators are not members of the ISIL terrorist organization". The advisory goes on to say

"These individuals are hackers using relatively unsophisticated methods to exploit technical vulnerabilities and are utilizing the ISIL name to gain more notoriety than the underlying attack would have otherwise garnered"

As of yet there are no details as to how the attackers managed to gain access to TV5Monde's Facebook page, website, and most importantly their TV broadcasting network. To gain such level of access either indicates the attackers were more sophisticated than those the FBI warned about in their advisory or that TV5Monde's were not as secure as they had thought. With last year's attack against Sony Picture Entertainment it appears that media companies are well and truly in the cross-hairs of on-line attackers

Join the CSO newsletter!

Error: Please check your email address.

Tags cyber attacksespionagesecurityExploits / vulnerabilitiesFacebook

More about elevenFacebookFBINBCSony

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Brian Honan

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place