How the media and entertainment industry can protect media asset libraries against ransomware
David Phillips
Principal Architect, M&E Solutions, Cloudian
The media and entertainment industry has quickly developed into a prime target for ransomware. Organizations as large and diverse as Disney, Sony and France’s M6 Group have all been affected by cyberattacks in recent years.
Research from Forrester Consulting indicates that more than half of organizations (51%) in the M&E sector experienced three or more cyber-attacks in just 12 months, while Sophos’ ‘State of Ransomware 2020’ report found that media and entertainment is among the industries most affected by ransomware, with 60% of organizations hit last year.
With the average cost of a TV show on a major network or streaming service at nearly $6 million dollars per episode, the inability to access even a small portion of key files can be financially disastrous for production companies.
So, what is putting M&E businesses at risk and how can they effectively protect their media assets against the growing ransomware threat?
Data at risk
Arguably the main reason why M&E companies are so susceptible to ransomware attacks is the large number of people involved in music, movie and TV production. Large scale media productions often involve a considerable amount of people working on a single project, in addition to a plethora of third-party experts employed in outsourced roles such as music production, special effects, or post-production.
With so many people having access to business-critical systems and content, this creates an extensive array of potential attacks vectors, or inroads, which hackers can potentially exploit. It’s virtually impossible for an organization to enforce cyber-hygiene practices across such a wide range of employees and freelancers, and it only takes one security hole for hackers to gain access.
But it’s not just about the personnel involved. Factors such as an increasing reliance on technology and the growing number of digital content formats have quickly increased the complexity of production processes, thereby making it harder – not to mention more expensive – to protect against attacks such as ransomware.
This is especially true for small, specialty post-production and visual effects companies that often don’t have the resources to employ full-time IT and security staff.
And what’s particularly worrying is that ransomware attacks can be disastrous for M&E companies. The phrase ‘content is king’ is more relevant in media and entertainment than in any other sector. Content is the revenue stream, the crown jewels and the key differentiator that distinguishes an M&E organization from its competitors. Losing access to these media assets is therefore a nightmare scenario.
Given that nearly three quarters of ransomware attacks (73%) result in data being successfully encrypted, there is clearly an urgent need for M&E businesses to be more resilient in protecting their valuable media content.
Responding to ransomware
The first step for media and entertainment companies should be moving beyond established methods of stopping ransomware, as these produce unreliable results. For example, many businesses have traditionally focused on employee training and awareness, but some elements of human error are likely on large content production projects involving numerous third parties.
What’s more, solutions designed to prevent ransomware or reactively contain an attack’s impact rapidly become obsolete as threats and their identifying signatures continue to evolve.
Finally, encrypting data is a common bulwark against ransomware. However, while this can prove effective where cybercriminals want to access and share the data, with ransomware the data can simply be re-encrypted to prevent the rightful owners from accessing it.
This is where WORM (Write Once, Read Many) and Object Lock storage technology can make all the difference. WORM technology allows media producers to make unchangeable “locked” backups of their data, giving the media and entertainment industry a viable way of protecting media asset libraries from ransomware.
While these “locked” copies can still be read, they can’t be changed for a fixed amount of time, even if cybercriminals do manage to slip through the net. Instead of ransomware being able to encrypt the data and lock the victim out, data can be restored through a simple recovery process.
The even better news for M&E businesses is that object storage solutions equipped with new “Object Lock” functionality have made WORM technology more accessible. Object Lock provides WORM functionality on enterprise storage systems, removing the need for specialised storage solutions and protecting data at the device level instead of requiring an external layer of defence.
Object Lock also enables ransomware protection to be automated for simple management as part of the standard backup workflow. This removes the burden from M&E businesses, delivering a level of security that is comparable to offline storage without the labour-intensive manual steps involved.
With the security threats facing the media and entertainment industry continuing to increase, M&E businesses simply can’t afford to ignore the importance of comprehensive ransomware protection. Object Lock storage can provide a long-term, reliable solution to stopping the effects of ransomware, protecting the valuable media asset libraries that are the industry’s lifeblood.
About Cloudian
Cloudian® is a Silicon Valley-based file and object storage company specializing in S3-compatible object storage systems. With technology roots in the large-scale enterprise message space, Cloudian introduced its object-based platform, HyperStore®, in 2011. Cloudian products are offered by partners including VMware, Hewlett Packard Enterprise, and QCT, and by reseller partners worldwide.