The French TV station TV5Monde suffered a major cyber-attack on the evening of the 8th of April resulting in all of its eleven channels being taken off air for three hours. At 10:00 p.m. Paris time the eleven channels for TV5Monde, which reach over 260 million people worldwide, went blank. At the same time the station’s Facebook page was hijacked and its website defaced.
The TV channel’s Network Director General, a Mr. Yves Bigot, said
“We are no longer able to broadcast any of our channels. Our websites and social media sites are no longer under our control and are all displaying claims of responsibility by Islamic State. “
Mr Bigot highlighted that the station lost control of its TV station, website, and its social media channels and that they were “severely damaged” due to an “unprecedented attack”.
The attackers claimed to belong to ISIS and posted personal information, such as CVs and identify cards, of the relatives of French soldiers serving in the coalition fighting against ISIS. There were also threats made against those French troops.
Some of the messages read “Soldiers of France, stay away from the Islamic State! You have the chance to save your families, take advantage of it,” and “The CyberCaliphate continues its cyberjihad against the enemies of Islamic State,”
In a reference to the terrorist attacks against the French satirist magazine Charlie Hebdo earlier this year a message on the station’s Facebook page criticising France’s involvement in the fight against ISIS saying “That’s why the French received the gifts of Charlie Hebdo and Hyper Cacher in January,”
The station’s regained control of their channels by 1:00 a.m. but Mr. Bigot stated that it could take hours if not days to resume normal broadcasts. TV5Monde regained control of their social media accounts by 2:00 a.m. but the station’s website was still offline 14 hours (13:00 9th April)) after the attack displaying the message “Nous sommes actuellement en maintenance. Merci pour votre patience.”
This is not the first time pro-ISIS hackers have taken over prominent websites to promote their messages of support for ISIS. In January of this year the official Twitter account for the U.S. Central Command (CENTCOM) was compromised, in March NBC news reported that the FBI was investigating the hijacking of numerous western websites by pro-ISIS supporters, and just two days ago the FBI issued an advisory stating that pro-ISIS sympathisers were exploiting Wordpress plugins to hijack websites.
In that advisory the FBI states the attacks are not targeted and that “the perpetrators are not members of the ISIL terrorist organization”. The advisory goes on to say
“These individuals are hackers using relatively unsophisticated methods to exploit technical vulnerabilities and are utilizing the ISIL name to gain more notoriety than the underlying attack would have otherwise garnered”
As of yet there are no details as to how the attackers managed to gain access to TV5Monde’s Facebook page, website, and most importantly their TV broadcasting network. To gain such level of access either indicates the attackers were more sophisticated than those the FBI warned about in their advisory or that TV5Monde’s were not as secure as they had thought. With last year's attack against Sony Picture Entertainment it appears that media companies are well and truly in the cross-hairs of on-line attackers