How the Tour de France secures its broadcast from disruption

Few sporting events have the scale and logistics challenges that the Tour de France presents. Event organizer ASO uses the cloud and tight physical security to avoid cyberattacks and broadcast integrity.

By Dan Swinhoe Once a rarity, cyber incidents in the sporting industry are becoming common. While sports organizations have large amounts of sensitive, valuable information, the incidents themselves are often tied to the political climate.

The 2018 South Korean Winter Olympic Games were hit by a cyberattack during the opening ceremony. The attack – known as OlympicDestroyer and thought to be a Russian-sponsored attack in retaliation for barring entry for its athletes – brought down services including the official ticketing app. The attack also targeted the event’s IT services provider.

Both the World Anti-Doping Agency and athletics governing body World Athletics have been hacked in recent years, leaking medical data on many of the world’s athletes. FIFA has also suffered information leaks following a breach.

The fact that so many people watch sporting events makes broadcasts attractive targets for attackers with a message. Islamist hackers have attacked French and Israeli broadcasts in recent years, including disrupting the Eurovision song contest to send false missile alerts.

As the organizer of the Tour de France, the Amaury Sport Organisation (ASO) is responsible for putting on the largest cycling event in the world and needs to ensure that the all the information it broadcasts out is robust and safe from interference.
Digital transformation means more data to protect

As the biggest event in global cycling, the Tour de France sees over 170 of the world’s best cyclists pass through stages in the Pyrenees and the Alps before finishing in Paris. More than 10 million people on the roadside watch the 23-day, 2,000-mile event. Millions more view the race on TV or the official site and race web portal.

The event has recently undergone a major digitization push to move beyond simply showing basic footage of riders. Previously, the location and position of riders was done manually by spotters. “Today we are retrieving GPS position, feed and analytics of each rider, and with that we are capable to produce a lot of information,” says Pascal Queirel, directeur des systèmes d'information at ASO. “The idea was to really revolutionize the viewing experience and localize all the riders in real time, first giving broadcasters more information about leaders, then giving fans the possibility of searching for specific riders.”

After collecting the data, ASO and digital partner NTT then push out both the broadcast feed and information about the precise location, race position, and speed of riders. Outside of the traditional broadcast feeds, this is primarily done via the Race Center, a web portal that provides the main hub of real-time information about the individual riders' positions, weather and rich media content as well as more static information on the geography of the stages and the riders’ basic biographic information and relays it in an easy-to-digest format for viewers.

During the Tour, the main worry for the digital team is around availability and integrity of the broadcast and the Race Center. The broadcast needs to remain intact and the information around the event and the riders needs to be correct. Disruption to the feed would not only impact ASO but all the broadcasters it works with and the fans’ viewing experience. “The data that we are processing is fully available in real-time, online," says Queirel. “So, the main risks are a denial of service, or to replace some features [on the site], or to use our site for the purpose of sending bad message.”
Logistics, scale and security on tour

The logistics of the event are on a scale few events can match; 180 trucks move everything between each stage of the tour, including the tour’s technology infrastructure. Queirel and Wade describe the Tour as a huge logistical puzzle with multiple layers of security that need to be implemented every day.

“Every day we move a data center embedded in a big truck from one city to another,” explains Queirel. “Every day we are deploying our large internet connection with all the suppliers, all the partners, all the broadcasters.”

ASO and its parent company Éditions Philippe Amaury – the French media group best known for publishing the L'Équipe sports newspaper – have their own dedicated security teams, but for the Tour de France much of the security responsibility is delegated to NTT. “We need to separate our internal systems and the system we have during the event on site. It is on these specific systems, which are moving every day from one location to another, that we need to be cautious around and focused on during the event.”

During the event, ASO has one IT person from the website team in case of any problem with the load or the website while NTT has three technical people on-site, with the rest located remotely. The physical security aspect is one that ASO pays keen attention to. As soon as the trucks are parked, fences are erected, access controls requiring accreditation and RFID cards are installed, and security guards patrol the area constantly.

While there is, and likely always will be, a physical presence on-site with regards to technology. The days of multiple appliances and direct physical data connections between trucks and on-site partners using cables has gone, and instead the deployment is largely cloud-based.

“At the beginning of the tour, we have a few days when you work out and find out any issues that we had and go and make those connections,” explains Tim Wade, vice president at NTT’s Global CTO Office. “We ended up having a very complicated deployment that would take place every day, and that meant that the onus was on us to go and foot cables and to make sure everything was secure, and all the configurations were right.”

Today, those connections are all cloud-based. Integrations are done via web sockets with a secure token over a VPN and configured before the race itself, which means more potential integration issues can be dealt with ahead of time and issues during the event can also be handled remotely. Little physical infrastructure is required on-site, reducing the chance that anyone can physically abuse equipment.

“We have those sessions already set up and secure before that, and this gives us the opportunity to have a more secure deployment because we can use cloud-based tools like endpoint protection, DDoS protection and cloud-based antivirus,” says Wade. “The equipment that we have [on-site] at the end of the race is very small and it's not open to people walking around.”
Innovation tested before the Tour

As well as the Tour de France and smaller cycling tours, ASO runs motor sports events with the Dakar rally, sailing with the Tour Voile, mass events with the Paris Marathon, and golf with the Lacoste Ladies Open de France. However, the Tour is the pièce de résistance within the ASO and where its efforts are always focused.

“The Tour de France is unique,” says Queirel. “This is the only cycling event where we have more than 40 broadcasters on site at the finish line, more than 2 million people around the roadside. It is exceptional.” Once products such as the Race Center are developed for the Tour, those same digital and security components are then reused for the smaller events where it makes sense and can be easily redeployed from the cloud.

“In our organization, the Tour de France is the top layer,” says Queirel. ”Innovation on the Tour is tested before because our motto is 'no tests on the Tour de France'”.
Join Geezgo for free. Use Geezgo's end-to-end encrypted Chat with your Closenets (friends, relatives, colleague etc) in personalized ways.>>
January 23, 2020

Post a Comment



Contact Form


Email *

Message *

Powered by Blogger.
Javascript DisablePlease Enable Javascript To See All Widget