Widgets Magazine

WannaCry and the Audio Video industry

WannaCry and the Audio Video industry

On Friday the BBC began reporting of a virus moving through the NHS (National Health System) of the UK. By the end of the weekend, the totals were staggering. There were 150 countries attacked with more than 200,000 computers infected overall.
The WannaCry Virus is ransomware. This means the virus locks the data on your computer, refusing you access to it until you pay a fee, a ransom, in the form of Bitcoin typically. As of this writing, the group has collected about $38,000. The warning screen that presents itself demands $300 though that price will go up in “three days” if the payment isn’t made. Ultimately the group behind the WannaCry virus threaten to delete your files altogether if they do not receive payment.
I’ll put links at the bottom of this post with some great resources. Where I want to go with this is to call on the manufacturers, installers, and IT/Tech managers. We need to do a better job of both securing our systems and of updating them.
The WannaCry virus attacked computers running Microsoft Windows operating systems. These bad actors used a known exploit in the Windows OS. The exploit was leaked by the NSA weeks ago, and Microsoft has since sent out a patch to fix the security issue.
Notice what I said here. This was a known issue that the manufacturer provided a fix. That means those who have been impacted by this virus had not taken the simplest step of updating the OS.

Saving the Audio Video Industry from a Cyber Attack

When it comes to audio video networks, there are reasons to be connected to the Internet proper. Network connectivity allows for convenience and functionality you wouldn’t be able to get if it was a closed system. Remote management and monitoring is just one example.
If our systems are going to be connected to the Internet at large we need to do the necessary steps:
1) Manufacturers providing security patches when they realize there is an issue.
2) Integrators and technicians need to update their systems with these patches.
3) IT and AV tech managers need to update their systems or allow their trusted partners to do it for them.
I have been teaching an IoT security session for AVI Systems the last few months. The next one is in Minneapolis next week. In it, I demonstrate how audio video systems and devices are not immune to these sorts of attacks. If we are on the Internet, we are vulnerable.
An attack on your system is going to happen. It isn’t a matter of if anymore, it’s a matter of when. So, what can you do?
1) Separate networks based on functionality and importance of information.
2) Use a VLAN to do the separating.
3) Use as few ports as possible to connect those disparate networks that need information from one another.
4) Update when given the tools to do so (see above).
We have some great technology out there that provides your clients with exceptional experiences. Let’s not ruin that experience with the audio video system being the starting point of a cyber attack.
Thank you for taking the time to read my blog. Have a great week.
Stories and Links:
Theresa Payton, security expert – Twitter
BBC reporting on WannaCry
USNews covering the virus

About Author

Tim Albright

Tim Albright is the founder of AVNation and is the driving force behind the AVNation network. He carries the InfoComm CTS, a B.S. from Greenville College and is pursuing an M.S. in Mass Communications from Southern Illinois University at Edwardsville. When not steering the AVNation ship, Tim has spent his career designing systems for churches both large and small, Fortune 500 companies, and education facilities.

Leave A Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.