There’s a steady stream of news about cybersecurity issues that are indirectly or directly relevant to the battle against video piracy.
Just this week:
Verizon published its Mobile Security Index 2020, which found that 39% of companies worldwide suffered a mobile security compromise in 2019, up from 27% in 2018. Just 13% of businesses have all four of the following protections in place: data encryption, role-based access, prohibiting of default passwords, and regular security testing. Video providers, take note. (Reported by InfoSecurity)
Security risks increase even further as more employees wear personal devices such as fitness trackers and smart watches in the workplace. Cybersecurity researcher, Zscaler found “nearly 500 million transactions from more than 2,000 organizations revealed 553 different IoT devices from 212 manufacturers” (Reported by ZDNET)
At this week’s RSA Conference, security company Sophos reported on an attack that deposited remote access trojans (RATs) onto Linux and Windows-based cloud servers running in Amazon Web services. Using http and https, the party controlling the deposited malware could then take control of the servers (Reported by Dark Reading)
Adobe advises that it has released fixes for a range of security vulnerabilities in software products used for digital media production, including updates for Adobe Media Encoder, Adobe AfterEffects and other Adobe products. Another update repairs a buffer security flaw in Adobe Digital Editions and a bug in the Flash Player that could lead to arbitrary code execution.
Cybersecurity company Confiant reports that malvertising – a practice used by hackers and pirates to infect consumer devices with trojans and malware – is being used to exploit companies using older browsers and computers. They use a measurement that they call the “Eposure Index,” which is described in their linked article. A measurement of 1 is average.
Confiant found that broadband and video service providers – particularly in Europe – have higher than average likelihood of being subjected to malvertising; much higher than many corporate and government agency operations.
Why these matter
And as they say in radio, “The hits keep coming.”
As the media and entertainment creators and the industry become more aware of the risks of piracy and lean forward into addressing them, they should be mindful that content isn’t stolen only because of misused, forwarded or stolen passwords. Addressing breaches in IT infrastructure, in the delivery chain, and in consumer devices that result in content theft is also important, but even then, it’s an incomplete picture.
The Film and TV Production Security Guidelines from CDSA (the Content Delivery and Security Association of MESA), specify common-sense measures for any operation that handles valuable media content. Securing the processes of software updates, electronic exchanges with technology partners, secure IT infrastructure and the correct implementation of interprocess APIs also can’t be ignored.