Crisis has always been a powerful catalyst for social change and there no doubt the COVID-19 pandemic is proving the same. As we adapt to the new normal the popularity of streaming services has grown dramatically as isolation creates more free time. Launched in November 2019, Disney+ recently announced that they have surpassed 50 million paying subscribers.
Along with that rise there’s been a similar rise in a whole range of cyber security threats on these streaming services. In fact, one of the key focus of Privacy Awareness Week is the importance of safeguarding personal information as we spend more time online.
The media and entertainment industry has quickly developed into a prime target for ransomware. Organizations as large and diverse as Disney, Sony and France’s M6 Group have all been affected by cyberattacks in recent years.
Research from Forrester Consulting indicates that more than half of organizations (51%) in the M&E sector experienced three or more cyber-attacks in just 12 months, while Sophos’ ‘State of Ransomware 2020’ report found that media and entertainment is among the industries most affected by ransomware, with 60% of organizations hit last year.
With the average cost of a TV show on a major network or streaming service at nearly $6 million dollars per episode, the inability to access even a small portion of key files can be financially disastrous for production companies.
So, what is putting M&E businesses at risk and how can they effectively protect their media assets against the growing ransomware threat?
The world is contending with an increasing amount of cyber threats today: Tb-level DDoS attacks have become a new normal; web application threats are on the rise; crawler attacks are steadily increasing. The ever-more sophisticated cyberattacks have placed the data and assets of corporations, governments and individuals at constant risk. This research report, produced by BaishanCloud in partnership with Beijing Digital World Consulting*, aims to shed some light on the global internet security landscape by investigating three key types of cyberattacks (web application, DDoS, businessscenario-based attacks), and inform coping strategies for internet security professionals.
Teresa Cheung (Managing Director HK) and Jackson Chow (Technical Manager) discuss TestWizard, Eurofins’ Open Test Automation Infrastructure, and their cyber security testing service.
This article originally appeared in the IABM Journal, issue 100 which is available to view online here John Ive Director of Strategic Insight IABM If the threat of cyber-attack is not yet keeping you awake at night, it is a major concern for many broadcasters and media companies – and if vendors haven’t yet been asked about their product or service’s resilience to cyber-attacks, they will soon. The ever-increasing connection between back-office and front office systems makes not only media organizations’ business systems vulnerable, but also their media assets. You may not hear about such attacks often because the reputational damage is at the very least highly embarrassing for companies, but they are happening with increasing frequency. The attack on Sony Pictures Entertainment in 2014 may have been politically motivated, but such attacks can equally be for financial gain –ransoming assets for example, or obtaining customer personal and financial data for criminal exploitation. Even a grudge or grievance can be the starting point for a highly damaging cyber-attack. TV5Monde was the subject of just such an attack in 2014 –and was only saved from irreparable damage by good fortune – an engineer with the right skills and knowledge happened to...
This article originally appeared in the IABM Journal, issue 102 which is available to view online here Lorenzo Zanni Research Analyst IABM If the threat of cyber-attack is not yet keeping you awake at night, it is a major concern for many broadcasters and media companies – and if vendors haven’t yet been asked about their product or service’s resilience to cyber-attacks, they will soon. TV5Monde was the subject of just such an attack in 2014 – and was only saved from irreparable damage by good fortune – an engineer with the skills and knowledge happened to be on-site, and was able to identify and shut down the portal through which the attack was being conducted just in time. Alongside theft of data and media assets, Denial of Service (DoS) or worse, DDoS (Distributed Denial of Service) is also on the increase, as organizations that don’t share a particular broadcaster or media company’s view of the world come under highly sophisticated cyber-attack in an effort to shut down their operations and damage their infrastructures and reputations. Recently, there has been a growing number of well-publicised ransomware attacks where cyber criminals encrypt a company’s data and will only release the key...
David Meltzer – CTO, TripWire History confirms when it comes to cyber security that one particular pattern always holds. Disconnected systems start to become connected together, and over time these move from proprietary little known protocols to open standards, leading to a proliferation of new applications and uses. Soon these systems are not secure. New vulnerabilities are discovered then security is retrofitted back in. This session reveals how this pattern occurred, and how to apply the lessons learned from other industries to build resilent, secure environments in IP-connected broadcast systems. [maxbutton id="130" ] [maxbutton id="131" ]
With the adoption of IP Systems in the broadcast arena, cyber security must be built in from the start with consideration to future security threats. In this presentation Denis Onuoha (Chief Information Security Officer, Arqiva) aims to dispel the myth that IP Systems are complex to secure and explores basic steps that can be built-in for securing the broadcast chain. Technical and Process controls are discussed that can aid in the reduction of the attack surface. Denis explores the build, operate and maintain lifecycle. Most of the well-publicised attacks that have occurred in the industry have one thing in common which is lack of basic controls and poor users awareness, once these topics are addressed the impact of a cyber-attack will be significantly reduced. [maxbutton id="136" url="https://theiabm.org/wp-content/uploads/2017/10/DenisOnuoha.pdf"]
This article is from The IABM Business Intelligence Digest from September 2018. The full report can be viewed here Cyber security is a growing challenge for media organizations. According to the 2018 Verizon Data Breach Investigations Report, 68% of security breaches across industries took months or longer to discover. As they aggregate and distribute digital content through various channels, modern media companies are becoming increasingly connected enterprises. Cloud-based streaming piracy, theft of protected content, theft of customer data; the sources of threats for media organizations are multiple, and the nature of attacks varies dramatically. Some risks are common to every organization that uses information exchange software, cloud-based infrastructures and customer data. The specific risks to media organizations are related to the production and the distribution of content, which is increasingly subjected to costly attacks and theft. According to the antipiracy consulting firm Muso, traffic on internet piracy sites in 2017 represented a total of 300 billion visits, a 1.6% increase from 2016. This reflects the global increase in mobile use: while just 13% of visits to piracy sites are via desktop, 87% of visits to illegal platforms are from mobile devices. In 2018, the industry is taking security much more...
Denis Onouha (Arqiva) explains that with attackers now taking days rather than months to master new vulnerabilities and exploit them, organizations need to follow the same steps and deploy intelligent controls while adopting emerging technology through all the stages of the lifecycle.