As Sports-Media Organizations Transition to IP, Network Security Concerns Take Center Stage

Creators, distributors, and venues are all vulnerable to piracy and intrusion

The move to IP networks requires a commitment to network security, disciplined best practices, and more to ensure that malware, phishing, and other attacks don’t jeopardize the show. As the infrastructure behind live sports production transitions to IP, broadcast centers and truck compounds must operate on a secure network in order to protect this valuable content against piracy and stop outsiders from infiltrating their operation.

At the IP Production Forum early this month, a panel featuring executives from Akamai, Cisco, and Juniper Networks addressed how to handle the network-security concerns that arise during a media organization’s transition to IP.

Security Is More Than Just a Lock on the Door
“Companies today have to start thinking differently about [network security],” said Michael Korten, cyber security sales practice leader, Cisco Systems. “In a sense, you have to start taking a look at your network and your business [the same] as how you would secure your house and apply those simple concepts to your network. It’s not a matter of just putting up a lock or a firewall at the front door and considering the day is done. You start worrying about other areas or other ways that these bad guys are getting in.”

From left: Juniper Networks’ Vaishali Ghiya, Akamai’s Shane Keats, and Cisco Systems Michael Korten

Korten noted how attacks on the networks of major media organizations have become far more coordinated in recent years. What was once a simple virus-based attack has morphed into malware wreaking havoc on the network. This issue is compounded when the malware is a “wiper,” which can erase entire libraries of content and history all at once. Add the increased use of ransomware against media companies, and it becomes even more apparent just how vulnerable the M&E industry is.

“There are a lot of things that are evolving. If you’re not concerned about [security], you should be,” he said, adding, “There’s another aspect: all of you are probably saying, I’m just going to encrypt my data. Well, in today’s world, you’re probably encrypting 40% of your network traffic data, which will eventually be 100%. But guess what. So do the bad guys; that’s how they get by conventional security mechanisms. So you have to start thinking [the way] they do. How are you protecting and how are you inspecting that encrypted data, because they’re coming at you with that as well.”

Sports Media’s Success Makes It a Ripe Target
Although much of the discussion around security in the M&E business has centered on studio films and episodic television, the potential danger to live sports is quickly becoming apparent. For example, Shane Keats, director, global industry marketing, media and entertainment, Akamai, described how a sports league that runs a major tournament reached out to the company in the spring after traffic registered a massive spike in the middle of the night. It turned out that a Russia-based botnet was attacking the page. The botnet was scraping the data and reposting it on a pirate site, illegally monetizing the content.

“The success that [sports-content creators] have achieved is drawing the attention of folks who aren’t hacking for credibility; they’re hacking for profit,” said Keats. “They’re trying ever more clever ways to steal your intellectual property.”

Overall, bot traffic on media networks has increased drastically in recent years; Akamai estimates that bots account for about 40% of the overall traffic on its network. Although many of the bots aren’t necessarily malicious — many are Googlebots or other bots collecting data for reputable sources — the explosion in bot traffic raises new concerns over security.

“There’s a lot of malicious activity hitting your web infrastructure,” Keats observed. “That’s a vector that I don’t know that we think about and talk about quite enough.”

With the Rise of the Connected Stadium, Venues Are Susceptible
As internet and Wi-Fi connectivity has become more ubiquitous at stadiums and arenas across the globe, venues have become more vulnerable to attack. Such methods as distributed–denial-of-service (DDoS) attacks — in which multiple systems flood the bandwidth or resources of a targeted system — open up these organizations to internal attacks and also subject fans using the Wi-Fi network in the stadium to potential infiltration as well.

“IoT devices at the stadium can be used as a massive attack vector,” explained Vaishali Ghiya, field CTO, WW Security Sales, Juniper Networks. “Many attackers hijack the wireless network without your knowing about it. You have [fans] and employees connecting to that Wi-Fi network and exchanging crucial information, and that is all getting intercepted and used for a malicious purpose to make money.

“Distributed denial of service, that’s like the favorite sport for the hackers,” she continued. “It’s like football tackle: you don’t know when it’s going to happen, but, as soon as it happens, it’s going to take you down completely. That is what happens when you get hit with massive distributed–denial-of-service attacks: it will take down your scoring mechanism, any ticket-selling systems, point-of-sale systems, any vending machines, everything.”

The Enemy Within: Maintaining In-House Security Protocols
Although much of the danger comes from outside forces, an in-house employee or freelancer who fails to abide by a company’s security protocol can be just as dangerous. As a result, media companies are increasingly launching permissions-based policies that restrict certain users from accessing certain parts of the organization’s network.

“I think it’s [important to] create policies based upon roles in your company and then implement them and have your network support that,” said Korten. “If someone comes onto your network, that network should be able to identify whether that person is an employee of your network or a contractor or a partner. And, based upon that identification through various ways — registry key, endpoint, etc. — then a policy is applied, and they have access [based on] what their role is supposed to be. If someone comes on and they’re a contractor, [for example] they obviously are not going to get into your finance area because they shouldn’t have access to that. So [creating] policy to secure a network and enforcing that policy is one of the key elements around that.”

As sports-content producers increasingly rely on IP-based infrastructure and cloud-based workflows, their multisite collaborative workflows make them even more susceptible to an attack. Therefore, it’s more important than ever to institute uniform security policies across all pieces of the media ecosystem – whether on-premises or in the cloud.

“[M&E companies] have to think about their perimeter completely differently because they have to provide access to so many different user groups and partners,” said Ghiya. “And, many times, the workloads are sitting in the cloud, not even on-premises. You must secure those workloads in the cloud with a virtual firewall and also write the same set of policies so that you don’t have to write the policies two times — one for the on-premises datacenter or application, another for the workload sitting in the cloud.

“Bringing a unified policy in a single pane of glass is extremely important in that scenario,” she continued. “Perimeters are going away pretty much. It’s security everywhere: campus, right at the network edge, private cloud, on-premises datacenter, public cloud. We have to think about it holistically from the automation and policy perspective.”

CLICK HERE to hear the full audio recap of this panel.

Subscribe and Get SVG Newsletters

  • SVG Insider (Tuesday - Friday)
  • SVG Digital Now (Monday)
  • SportSound (Monthly)
  • College (Monthly)
  • Venue Production (Monthly)