By Steve Hawley
Industry conversations about digital piracy tend to center on the theft and illegal redistribution of video content, delivered through apps, Web sites and illicit streaming devices. “But cybersecurity threats are growing exponentially now,” said Shane McCarthy, Chief Operating Officer for Video Entertainment at Irdeto, whose cybersecurity team includes a network of investigators that monitors more than 90 large scale piracy groups worldwide.
“Today, we pay to subscribe to an Internet service provider or video operator and we get a gateway to the Internet that also makes us vulnerable to a broader range of threats.”
Pirates operating at a commercial scale can purchase consumer databases for just hundreds of dollars. Once a pirate has personal details, consumers are targeted by phishing attacks that trick them into downloading fraudulent apps that expose them to stolen content and services, fraudulent advertising, malware and ransomware. In many countries, just the act of consuming stolen content can break the law.
More compelling, less expensive
Today, piracy is a financially attractive proposition, both for consumers and for the pirates. Consumers can use a $30 streaming device from a legitimate consumer electronics provider, and then pay a pirate service anywhere from $20-80 per month for 5,000 channels of TV programming, with additional service fees for multi-room service and rental fees for video on demand. There have been many cases involving pay-per-view events such as prize fights, which are available from pirates for a fraction of their cost from legitimate video providers.
More attack surfaces than ever
Ten years ago, there were fewer distribution channels for video to reach consumers. Hacking set-top boxes and selling pirated DVDs were the main pirate activities.
But because of the explosion in digital consumption via OTT services, pirates have many more avenues of attack. In the set-top box days, the content remained within the operators managed network and the weak link was the set-top box. The pay TV operator could take the compromised card or set-top box out of service and the take-down would be permanent. Now, there are many more attack surfaces for pirates to exploit.
Content travels on the open internet rather than on the operators managed network. You now have thousands of smartphone models, media streaming devices, smart TVs, tablets, etc, to consume the content. Instead of one or two pay-tv operators, there is a plethora of video streaming services. And even if an illegal streaming site is taken down, it is not unusual to see it back online under a different domain or IP address. In some countries, rather than following the pirate as these change, the take-down process has to be started all over again.
Covid didn’t help
The global coronavirus pandemic accelerated the transition of programming from traditional to online distribution and consumption. Majority of theaters worldwide had to close their doors as due to lockdowns. As a result, studios released more films online. As film production re-started after months if inactivity, studios accelerated the experimentation to virtual production. Studios, broadcasters and TV programmers move video feeds and files from video shoots, UHD digital cameras, remote sites, studio facilities, post, production, storage and into distribution; all online – resulting in an explosion in the number of video end-points that are vulnerable to penetration by thieves.
No single fix
While Covid accelerated this situation, this evolution has been a gradual process that was already underway when Covid hit. Similarly, there’s no single remedy for this trend.
“Operators can’t expect to buy a single solution or establish a fixed budget to fix piracy,” said McCarthy. “They need to understand the problem and then understand how to keep the problem at bay. While all video providers have to establish and maintain a baseline of protection through DRM or conditional access, they also need to know where their content is being sold and who is selling it.” This argues in favor of piracy detection and countermeasures that mitigate it, which are incremental to CAS and DRM.
Piracy intelligence
Shane McCarthy continued that “To detect piracy, operators need investigative experts to infiltrate and understand it before they can act against it.” A good way to begin is to profile what ‘normal’ subscriber behavior looks like and then search for anomalous situations, such as too many devices, viewing requests or locations on a single account. “Using such investigations as evidence, the operator can take an objective view of the problem and put a bespoke service in place to address it,” he said.
Partnering with law enforcement
Irdeto benefits from being part of the MultiChoice Group, Africa’s leading entertainment company with more than 20 million pay TV subscribers across multiple countries in Sub Saharan Africa and in South Africa. “Cyberthreats are very different from country to country,” said McCarthy. “Also, local law enforcement treats piracy differently from country to country. Because piracy is a criminal offense in most jurisdictions, Irdeto finds law enforcement to be a willing collaborator in fighting piracy for operators. Irdeto acts as an expert witness.”
The growing cybersecurity threat
Piracy is not the only concern but companies should consider their overarching cybersecurity practices and tools. While video piracy has been a major area of focus, the broader risk of cyber attacks looms for those pay-tv operators that offer broadband services. In-home routers provided by the ISP can be a backdoor to the operator’s network, exposing customer and company information, becoming vulnerable to attacks on the services themselves, or ransomware threats in the enterprise.
With more connected home and work from home schemes, there is a new level of threat to consumers as well. Modern appliances, home security and medical devices used by those who are ageing in place at home all have their own respective security needs and each represent a window that can be exploited by hackers.
Smarter detection and response
To respond to the exponential growth of video services, online access, piracy, and cyber attacks, solutions must also evolve at a pace that stays ahead of the game. “We need to harness machine learning and artificial intelligence to identify and respond to piracy in scaled service scenarios,” said McCarthy. “The time from detection to mitigation must be reduced. In the entertainment context, time has tangible value: where a sporting event might be over in a matter of minutes. We need to apply automation in an intelligent way.”
“To fight piracy and the growing threat of cyber attacks, the operator needs to decide how much they want / can do themselves; and what to partner for. Legally, pirates and hackers are tough to fight: they are usually multijurisdictional threats and not located in a fixed territory,” concluded McCarthy. “There’s no single A-B-C method for fighting them.”
[ Note: Piracy Monitor is grateful to Irdeto as a sponsoring supporter. However, opinions expressed by Piracy Monitor are independent. ]
