Wave Systems Corp. (fka WAVXQ)

[Genz2]

Computer Attack Knocks Weather Channel Off the Air

https://www.wsj.com/articles/weather-channel-knocked-off-air-for-over-an-hour-11555611840

FBI investigating ransomware incident at cable channel
==================================================================
Weather Channel Knocked Off-Air in Dangerous Precedent

https://threatpost.com/weather-channel-off-air-hack/143936/


The incident was the work of malicious cyberattackers.


On Thursday, The Weather Channel – a trusted cable network source of meteorological data across the U.S. – was knocked off the air by what it said was a “malicious software attack” on its network.

The Weather Channel hack – not to be confused with the Weather Channel’s own hacks – affected its live broadcast for about 90 minutes between 6 and 7:30 a.m., during which canned content was aired. The network resumed broadcasting from backup locations at that point.

The network quickly confirmed that the problem was an attack, not technical difficulties: “We experienced issues with today’s live broadcast following a malicious software attack on the network,” The Weather Channel posted on its Twitter feed. “We were able to restore live programming quickly through backup mechanisms.”

The general reaction from the populace has been largely, “who would hack the Weather Channel?” But the incident demonstrates that media companies are just as vulnerable to attackers as any other segment that has embraced modern technology. Increasingly, television content is delivered via IP video distribution networks and cloud-based media processing.

“Broadcasting has undergone a significant transformation in moving to information technology and internet protocol (IP)-based networks to distribute content,” said Mark Orlando, CTO of cyber-protection solutions at Raytheon Intelligence, Information and Services, in an emailed statement. “This means that its threat model has also changed – broadcast networks are now susceptible to many of the same threats that other IT-enabled enterprises routinely face, such as ransomware and other malicious code.”

While pirate broadcast signal intrusions at local TV stations, like the infamous Max Headroom incident in Chicago in 1987, are not unheard-of (the interruption of over-the-air signals is not a difficult undertaking, all things considered), the ante is upped when it comes to attacks of national cable channels.

Clearly, hacks like these have the potential to disrupt more than someone’s morning weather forecast. Retaliatory attacks against news organizations, protests and censorship efforts against certain content types, the hijacking of feeds to push out one’s own messages and even extortion efforts (every advertising block that goes unseen translates to potentially tens of thousands of dollars in revenue) are all potential motivations.

“Incidents like these demonstrate the reputational risk and potential public-safety issues introduced by cyber-attacks in the broadcasting sector, and we can draw some parallels to critical infrastructure protection in that the defensive strategy must evolve along with modernization efforts,” Orlando added.

Fortunately, incidents like these are also rare. The only other public example is a 2015 attack on French TV network TV5Monde, when it was taken off air and it networks severely damaged. A group calling itself the Cyber Caliphate, linked to so-called Islamic State, first claimed responsibility, but further investigation showed that the likely culprit was Russia’s APT28 (a.k.a. Fancy Bear, Sednit or PawnStorm). The attack ended up being the result of an infestation of highly targeted malware, carried out for political reasons.

Further details are scant (the Feds are investigating, according to the network), but some researchers are wondering if ransomware was to blame.

“At this time the details of the cyberattack have been limited though it appears to have impacted the company’s ability to broadcast live weather though backup systems enabled the company to restore some production systems,” said Joseph Carson, chief security scientist at Thycotic, via email. “It will be interesting to see if this attack is related to the most recent string of malicious malware impacting other global organizations such as the LockerGoga ransomware that impacted Norsk Hydro several weeks ago, causing more than over $40 million in damages so far. And still several systems are under manual control, a week following the incident.”
=================================================================
Could the potential implications get much scarier than 'The Weather Channel's' malicious software attack?? Organizations that are in critical industries could be well served by Wave's solutions/products (better security)!!! Some may have missed the Wave Alternative when reading the Wave website so I've posted it below. This and the website are highly recommended reading for those searching for better security at less than half the cost!!!
==================================================================
https://www.wavesys.com/

https://www.wavesys.com/wave-alternative

The IT perimeter is gone

With tablets, smartphones, and cloud applications, your employees can access sensitive data anytime, from anywhere. Indeed, around 70 percent of security breaches and data thefts are inside jobs. Meanwhile, the hackers only get better: advanced persistent threats (APTs) appear as normal traffic, and malware can go unnoticed for weeks.

It’s a new world, one without borders. Yet most organizations are still trying to protect their data with the same old firewalls and antivirus software. It’s not working. We refer you to the headline-making breach of the week.

You have to start with the device

Wave has an alternative: security that’s built into each and every device.

We’re talking about hardware: self-encrypting drives (SEDs), which protect data when a device is stolen or lost, and trusted platform modules (TPMs), or embedded security chips. Both go in at the factory, and increasingly, both are standard. They make it possible for you to monitor and control each individual device and its data, no matter where it is. But you need software to turn on and manage your SEDs and TPMs. Wave makes that software.

We’ve been refining comprehensive, centralized management of hardware-based security longer than anyone else. More than that, we’ve shaped the field as a founding member of the Trusted Computing Group, the not-for-profit that develops and promotes industry standards for the hardware.

Security that’s confirmed, not assumed

With Wave, you’ll know that you’re secure. Because we start with the individual devices, you get a broad, deep view of your network. You can see exactly who’s on it, with what devices and what apps, at any given time. Just for example, if Bob goes home and tries to log onto Facebook with the company laptop, Wave can stop him.

A big piece of this heightened security is device authentication. Traditional two-factor authentication requires what amounts to two user IDs. But by using the TPMs inside your devices, Wave can confirm the identity of not only users, but also the devices they’re on. Combine that with fast, enforced encryption of sensitive data via your SEDs—all easily managed with Wave software—and your data is protected from the full range of modern risks: device theft, missent emails, flash drives, portable hot spots … even (and no one else can say this) hardware keyloggers. Not to mention Bob.

Do we need to say that with Wave, compliance is no problem?

Start closing your security gaps today, with what you’ve got

You might be surprised to hear that 90 percent or more of your computers probably already have TPMs. Mobile devices are catching up fast. SEDs are newer, but you probably have a bunch of those too. Machines that don’t have them can often be outfitted at little to no extra cost. So you’ve got some or all of the hardware. All you need to do is turn it on with Wave.

It’s almost as easy as it sounds. TPMs and SEDs are built to open, vendor-neutral industry standards, and so are Wave solutions. That means Wave works on your existing mix of hardware, across platforms, and will evolve with you. It’s part of what makes the Wave alternative not only more secure, but also simpler and cheaper. Total cost of ownership for Wave data protection can be almost half that of a traditional software-based system.

Questions? Read on, or contact our sales department.