Digital Shadows has released its Shooting the Messenger: Understanding the Threats to the Media and Broadcasting Industry report which revealed that revenue generating websites are a threat to media businesses’ bottom line and are increasing with malvertising, extortion, propaganda, account take over and data leakage being the most common attacks targeted towards media and broadcast organisations.
The report further revealed that the insecurity surrounding Internet of Things (IoT) devices, such as Wi-Fi-enabled cameras, surveillance systems, lighting, and even fridges, is presenting cybercriminals and hacktivists with more opportunities to target media and broadcast organisations. Moreover, it revealed that as the media and broadcasting industry are increasingly conducting more business online as a growing demand from customers, there are projections of revenue increases of $100 billion by 2020 but the threat of having their websites forced offline and becoming unavailable to customers represents a serious business risk.
“Attacks can either be opportunistic in nature, whereby a threat actor will target an organisation having discovered a particular software vulnerability on a public-facing site, or more targeted as the organisation may hold particularly sensitive or lucrative information that can be used for a variety of malicious uses. Broadcasting services represent potentially worthwhile targets as they often hold extensive personal details about their customers, such as names, dates of birth, physical addresses and payment information,” said Chris Brown, VP EMEA, Digital Shadows.
The report further revealed that by their very nature, news sites attract large amounts of traffic. While this is great for their business models, it makes them an attractive target for malvertising, which is often used as a vector to compromise users who visit legitimate websites. Because advertising content can be inserted into high profile and reputable websites, malvertising provides online criminals with an opportunity to push their attacks to web users who might not otherwise see the advertisements, due to the use of firewalls or other safety precautions. The ‘Shooting the Messenger’ report further revealed a different approach to cyberattacks – typosquatting – where attackers use domain names that are similar to launch a wide variety of online fraud including phishing campaigns.
“Given the availability and low barriers of entry to leverage DDoS tools, one can expect both the frequency and size of DDoS attacks to increase,” said Brown. “However, DDoS attacks are only one piece of a far larger threat landscape for media organisations. IoT botnets have also demonstrated the capability to launch high volume denial of service attacks and despite increasing awareness, the security of IoT devices is likely to remain an issue for the foreseeable future as a growing number of Internet-facing products are insecurely brought to the market and threat actors develop ways to exploit them. Security professionals must understand the other threats that pose risks to their industry including malvertising, extortion and data leakage and by understanding these threats, as well as the actors behind them, media and broadcasting companies can better secure themselves and their customers.”
Email addresses of media and broadcasting organisations have also been leaked through other breaches. In a recent Digital Shadows report that analysed the extent of credential compromise from the world’s biggest 1,000 companies, many leaked credentials were discovered. By analysing nearly 30,000 claimed breaches, discovered across paste sites, criminal forums and dark web sources, we discovered over 935,870 email and password combinations for the media and entertainment industry. The top breaches were, somewhat unsurprisingly, social media platforms. Indeed, MySpace, LinkedIn, and Tumblr breaches were responsible for a respective 41, 14 and three percent of the total leaked credentials.