A big story making the rounds of the radioverse this week is the story of the Louisiana radio station “taken down by hackers“.
Stannard Broadcasting’s cluster of “Today’s Country 105.7” KVVP Leesville, Rock “Channel 95.7” KROK South Fort Polk, and AC “Mix 106.7” KUMX North Fort Polk originally claimed they were “hijacked” last Friday with their systems being held for ransom. In reality, the station’s computer systems were not protected. The stations were running the no-longer supported Windows XP or any virus protection being kept up-to-date and hit by the Cryptowall Ransomeware that encrypts every file on the system and is not released unless they send money via bitcoin to the virus distributor.
Having outdated software and an unprotected system resulted in the station having to rebuild its entire computer system and hours being off the air. And the on-air computer shouldn’t have needed to be connected to the outside world. The costs to simply upgrade and maintain the station’s software over time would have been more cost-effective in the long run.
Meanwhile, Townsquare Media’s 95.7 KEZJ Twin Falls, ID hasn’t been affected by anything yet, but could easily have been. Someone associated with the station published all of the station’s internet passwords on a publicly accessible web page. I won’t link to the page which is accessible by Google search, but here’s a screenshot with the logins covered:
Had someone with malicious intentions discovered the page they could have accessed the station’s website backend, photography subscriptions, and analytics. There’s no reason for any login to be on a publicly available page on the server.
These should be common sense issues for any broadcaster, but there are always places where common sense doesn’t exist.
Lance,
how do you feel about a station who links to a public folder where downloadable copies of all station Logos can be found?
If a station were to switch formats or launch a new one, the surpise would be ruined by having a public directory like that.
Apples & Oranges compared to this situation, but something that should be prevented as well. I’ve reported on many format changes in that manner and most of the big groups have since prevented access to public image directories.
But in the grand scheme there’s only a handful of people who would even bother to go digging to find open doorways for access to content in that manner, it’s nowhere like putting important usernames and passwords on a publicly accessible webpage.
BTW if you are running an internet STL with XP machines it’s just a matter of time before something like this happens to your operation too.
Internet STL’s might be almost free, but I would have some kind of non internet back up just in case.
What blows my mind is that WordPress (the backend software on which all of Townsquare’s stations—and CBS’, and RadioOne’s, and the list goes on…—are run) allows for private posts and pages that can only be accessed by authenticated users, so there’s no excuse at all to have all of that information publicly posted (and therefore Googlable) on the website.
Need login info for the stock library or analytics account? Log into your dashboard first and search for the page from there.
Running XP in and of itself is not a sin. It is a stable, mature operating system. In this instance, the station was running OMT MediaTouch which did not run on anything newer than XP and for which a Windows 7 upgrade is a significant investment and would require new hardware as well.
More of a sin is not taking security precautions and locking XP down or having backups for their critical systems and data. This particular malware infects not only XP, but also Vista, 7 and 8. So its is not a case of XP having a special vulnerability.
XP does not equal bad. It is still run by a large number of organizations and is embedded in a lot of devices as well.
This instance should highlight the importance of IT security and the advantages of non-Windows platforms for running PTA.
"
taken down by hackers"
.No.