Coloures-pic - Fotolia
The cyber attack on French television network TV5Monde in April 2015 was aimed at destruction, according to the network’s managing director Yves Bigot.
“We are still not certain who ordered the attack or why TV5Monde was targeted, but we do know that it was aimed at destroying the company,” he told the FT Cyber Security Summit in London.
Investigations continue, but a Russian hacking group is believed to have carried out the attack that was well-planned and well-resourced. It even included two different pieces of custom malware.
The attack knocked the network’s 12 television channels off air for 10 hours, but it could have been a lot worse had it not been for the quick thinking of a member of the IT team, said Bigot.
“We got lucky because the IT team was working late and managed to find the machine at the centre of the attack within ten minutes and cut its connection with the internet,” he said.
Still, the attack had a huge financial impact on the network, costing around €4.5m. But Bigot has learned the lesson.
“We should have been better prepared, but we were not,” he said, adding that the company now spends around €3.5m a year on cyber security.
“I learned that no one is safe. Cyber attacks continue to happen every day, but we have increased our defences to ensure that the company adequately protected and is not harmed,” he said.
Read more about cyber security
- Cyber security must be top of the agenda for business, policy and research, according to a report by The Royal Society.
- Government announces a £250,000 programme to increase the rate of cyber security startup development in the UK.
- The UK’s National Cyber Security Centre (NCSC) is to be the UK’s one-stop authority on infosec, based in London and led by GCHQ’s Ciaran Martin.
- An essential part of information security is identifying and managing the risks, experts tell the European Information Security Summit 2016.
Bigot said he also discovered that, at the time, there was no cyber insurance to offer protection against total destruction of a business. “We have since worked with an insurer in France to build such a product,” he said.
Bigot was a member of a panel discussing how to defend businesses from cyber aggressors, which concluded that while there is no way to stop cyber crime and cyber attacks, businesses can and should focus on minimising the impact.
The panel also said organisations should not invest only in preventing attackers from getting in, but also in detection, response and remediation capabilities as well as employee education and training.