Cyber-attacks have become increasingly sophisticated and frequent and the need to manage cyber risks to ensure business continuity has been consolidated on every leadership agenda According to data from Microsoft’s 2021 Digital Defense Report, 24 trillion threat signals had been identified by the company around the world, a significant increase from the 3 trillion signals from the 2019 report.
In the entertainment industry, it is no different. Content piracy is one of the biggest issues plaguing the video-streaming and the OTT (over-the-top) industry worldwide. As an example, according to the Motion Picture Association (MPA), online TV and film piracy costs the US economy at least $29 billion in lost revenue each year.
There are multiple reasons for the rise of digital piracy. First, access to cheap (or free) content can appear lucrative to many. The advent of new technology has made pirated content readily available to those whose geographical locations otherwise restrict them from accessing it. Piracy can impact the consumption of original content through password and credential sharing, sending files over the internet, and purchasing illegal streaming devices and services. These are available at just a fraction of the cost to the consumer but impose mounting revenue losses and reputational harm on the original creators.
As content consumption and digital access continue to grow, stakeholders must collaborate to form effective anti-piracy strategies as it is not enough to install anti-piracy software. An effective program requires not only the right tools but also the right mindset and awareness throughout the entire organization. It is also essential for companies to drive discussions in their local markets, promote campaigns and support government action to improve the piracy landscape and pave the way for a brighter future.
Based on our experience as a global leader in video security and beyond, from “lens to screen,” and from “production to consumption,” here are our recommended five steps to establish a successful anti-piracy and cybersecurity management program.
Prevent and Protect
Using multi-DRM and Conditional Access, an industry standard, is the first step in preventing piracy and protecting valuable content. An effective multi-DRM system provides a frictionless viewing experience, while at the same time protecting and maximizing content revenue. It keeps infrastructure costs in check and helps untangle and simplify DRM deployments across various players, streaming formats, devices, and platforms.
Forensic Watermarking should also be an industry standard. Fortunately, encoder, packager and CDN standards and integrations have made watermarking content significantly easier. Concurrent Stream Management limits credential sharing and allows operators the ability to upsell additional streams. Finally, the final line of piracy defense involves code protection and obfuscation to protect software from unwanted attacks.
The second step in fighting piracy involves hardening your platform to minimize the risks from hacking attempts targeting your content or back-end systems. The industry has seen countless examples where hackers have gained access to a platform and, through that vulnerability, wreaked havoc on other systems.
A good example of platform hardening is penetration testing – or pentest -, an in-depth security assessment on a specific system or component within an OTT environment, OTT application or even an important server for the OTT platform. During this test, the security team simulates an attack by a malicious person on a selected (web) application, infrastructure, or device. For example, a pentest on an Android OTT application includes testing the app on a mobile device but also focuses on communication with the backend.
Monitor and Detect
Our third important step in anti-piracy and cybersecurity management involves monitoring and detecting threats. The business strategy benefits from the recognition of the type of threats the business may encounter. Effective tools such as Online Piracy Detection (OPD) and Brand Protection make it more difficult for pirates to find alternative sources, devices and subscriptions.
Tools that should be used include threat intelligence to monitor information gathered via proprietary web crawling, deep and dark web mining; live, VOD and P2P content discovery using crawlers built to discover where infringements happen on the internet; brand protection measures and anti-fraud management.
Investigate and Analyze
Investigation and analysis is an important step in any anti-piracy program. This is where companies and cybersecurity vendors need to operate on the offensive, as opposed to the defensive stance of the previous steps. It is where you will find out exactly how pirate applications and devices work.
It should include reverse engineering service to be applied to customer applications to test the robustness of the application against a variety of attack types, and threat intelligence analysis and forensic evidence collection.
Report and Enforce
Finally, companies and cybersecurity vendors must report and enforce in collaboration with international partners. There is no silver bullet to piracy and the fight against piracy cannot be done alone. Collaboration with partners can include measures such as payment disruption, IP blocking and takedowns, but also insights, managed services, consultations, and training others in the anti-piracy/content protection community. We are in this together and can certainly learn from each other.
Whether it is movies, high-profile series or live sports events, video content continues to be one of the most valuable intellectual property forms in the world. Increased screen options for consumers (phones, tablets, smart TVs, etc.) have facilitated the growing consumption of video content over the years. It is crucial to ensure that these assets are adequately protected.
As mentioned, there is no magic cure for piracy. As video entertainment delivery and consumption evolve, pirates continuously find new ways to circumvent security technologies and steal valuable assets. Rights holders and content owners must use every tool at their disposal to continuously prevent these emerging threats and protect their revenue. An end-to-end approach combines state-of-the-art security technology with expert piracy oversight, cyber investigations, intelligence analysis and targeted enforcement.
[ Note: Thanks to Irdeto, a sponsoring supporter of Piracy Monitor. Any opinions expressed by Piracy Monitor are independent. ]