A CYBER SECURITY system that isolates individual computer networks may have prevented the spread of a cyber attack across Virgin Media Television, sources have said.
Content for the different channels across the Virgin Media operation is stored on various servers – so it’s likely that any hack targeting specific servers will be contained to those channels, a source in the broadcasting sector said.
It was revealed yesterday that programming on Virgin Media Three, Four, More and VMTV Player is set to be temporarily disrupted as the company had to disconnect some technologies to “ensure ongoing maximum security”.
It is understood that the server involved was limited to the operation of the channels that do not have live broadcasts – the computer system is understood to store and broadcast programmes.
Content for other channels – for instance, Virgin Media One and Two – is contained on separate servers.
Live broadcast shows such as the channel’s flagship news broadcasts, Ireland AM and the Tonight Show, were not be affected as they do not require the computer system under attack.
In its statement last night Virgin Media Television stressed that the hack had been fully contained, “isolated and terminated”.
Sources have said that the work to find where the hackers got into the Virgin Media system would likely take several days while the work to clean and weed out the software used would take even longer.
The National Cyber Security Centre (NCSC) and gardaí from the National Cyber Crime Bureau were working with VMTV’s IT specialists to solve the problem.
This is the second such attack in recent weeks in Ireland with the Munster Technological University suffering a widespread cyber attack from Russian hackers.
Containment
Brian Honan, CEO of BH Consulting and a former cyber security advisor to Europol, said the containment of data was of critical importance to prevent it going any further into the company’s systems.
“It is like a ship taking on water – you have to close the doors. In this instance they isolated compromised systems.
“It is known as containment and that is a key incident response method. Once you contain the problem then it must be figured out what is happening and how they got in.
“There would be a need to remove fake accounts, find the parts of the system that are compromised or infected and then remove them and clean it – there is a huge amount of work to be done,” he said.
Honan said that the work to find where the hackers got into the system could take several days. He said that indications at the moment are that it was a ransomware style attack.
The cyber security expert said that part of the issue with dealing with such ransomware attacks was that criminals not only are looking for money but even with the ransom paid they will sell on the details of the network to other criminals.
He said this is known as “access brokering” and causes many networks to be repeatedly struck.
Honan believes that Ireland is past the phase of a “wake up call” about cyber security.
“We’ve had so many wake up calls, but we keep hitting the snooze button.
“A report by the World Economic forum around global risk ranks the top five risks for countries but cyber is not one of them for Ireland,” he said.
Honan also referenced a Global Cybersecurity Index report carried out in 2020 by UN Agency the International Telecommunications Union (ITU) which found that Ireland was placed 46 in the world, behind Ghana, Thailand, and Tunisia, in terms of its effective cybersecurity measures. It ranks 28th in Europe.
To embed this post, copy the code below on your site
have your say