Don’t Let Your OTT Success Turn You Into A Data Exfiltration Victim

Imagine you are a creative person with technical skills and limited moral constraints. Now imagine you get the opportunity to steal the series finale for Game of Thrones weeks before the episode is broadcast or streamed. That would be worth a lot, wouldn’t it?

Video streaming services, whether they are offered by traditional television broadcasters or digital native companies, are sitting on a gold mine. And many of those services don’t realize just how much their success has attracted the attention of the dark web.

By 2020, the U.S. OTT market is projected to generate $21 billion, up from $16.4 billion in 2014, according to research firm MTM. To the attacker, that growth represents even more opportunity to steal. Just what are they after? Let’s look at OTT’s three pots of gold.

Pot of Gold #1: PII and PCI

Let’s say that a criminal wants to buy a list of username and password combinations on the dark web. He might spend $1 per entry. A list of 100,000 costs him $100,000. But if that list includes subscription credentials for a subscription OTT service, suddenly, those $1 entries are selling for $10 and now the list costs $1,000,000.

Why? Because the list contains personally identifiable information (PII) and payment card information (PCI). Paid OTT services have to capture a lot of PII about their subscribers. The data may include, name, address, phone numbers, and even account numbers. According to Leichtman Research Group, 7 in 10 U.S. households (69 percent) now access a streaming subscription to Netflix, Amazon Prime or Hulu - that’s a whole lot of opportunity for a black hat.

Pot of Gold #2: Mezzanines for Popular Shows and Movies

How much would you pay to watch the cliffhanger episode of Westworld that reveals everything, and watch it before anyone else; $50? $100? $500?

Maybe you wouldn’t pay anything. Maybe you don’t believe in piracy. But not everyone is as ethical as you. We live in an era of peak video. There’s so much good content to watch that no one has time to keep up. But there are still shows that everyone talks about. If you could steal the file for key upcoming episodes, there is a busy market in the dark web for that stolen file.

Meanwhile, piracy is alive and well. According to antipiracy consulting firm Muso, the United States ranked number one for digital pirates, with 27.9 billion visits to piracy sites in 2017.

Port of Gold #3: Executive Communications

People love gossip, especially when it concerns famous or important people such as politicians, industry leaders or celebrities. What if you were able to get access to the email account of an OTT company executive? How much fame and credibility would you earn in the dark web community if you leaked controversial emails? Or what if you wanted to sell confidential communications to a competitor?

The bottom line is that the incredible success of OTT services means that the companies are now prime targets for the bad guys. And those companies need to think differently about themselves because of that. Unfortunately, it means they have to pay more attention to security.

Robbing the Bank of OTT Still Needs a “Getaway Car”

It’s not all bad news. Bank robbers need to get into the vault, but they also need to get out. Let’s say your firewall failed. Or your CEO clicked on that phishing link and accidentally allowed his laptop to be infected by malware that allows the criminal to control the machine. Or your IoT thermostat wasn’t properly patched and is now yoked to a malicious botnet. Just because the black hat made their way inside the network doesn’t mean they automatically get to walk out the door with stolen goods. They still need to exfiltrate the data.

And there is a way to significantly reduce your risk.

Often times, exfiltrating stolen data, whether it’s a customer list, a video mezzanine, or a file of emails, starts with a recursive DNS request to a malicious server. If you had visibility into all of these outbound requests and a way to proactively identify which ones were malicious using either past behavior or probabilistic inference, you could go a long way toward reducing the risk of data walking out the door. 

Maintaining security for an OTT service has unfortunately become more complex. It’s no longer limited to things like DRM and token authentication. Begin by acknowledging that recursive DNS is an attack surface. To proactively monitor and control DNS, you will need the proper tools. When considering security vendors, here are some questions you should ask:

  • How easy is the solution to configure and deploy and how long will that take?
  • Does it require any hardware to be deployed?
  • What DNS and IP traffic does the vendor have visibility into to allow it to create high quality and up to date threat intelligence?
  • How often does the vendor update its threat intelligence lists?
  • How does the vendor ensure that its threat intelligence feeds produce minimal false positive security alerts?
  • Can I integrate my own threat intelligence into the product?
  • Can the product accurately detect low throughput DNS data exfiltration?
  • Does the vendor give a 100% availability SLA for resolving DNS traffic?
  • How many DNS POPs does the vendor have?

As the OTT service market increases, expect even more hackers to view it as just more targets of opportunity. Be sure your security program is up-to-date and sufficiently robust to protect your service and customers. 

Shane Keats, Director of Media Industry Marketing, Akamai.

Shane Keats, Director of Media Industry Marketing, Akamai.

You might also like...

KVM & Multiviewer Systems At NAB 2024

We take a look at what to expect in the world of KVM & Multiviewer systems at the 2024 NAB Show. Expect plenty of innovation in KVM over IP and systems that facilitate remote production, distributed teams and cloud integration.

Wi-Fi Gets Wider With Wi-Fi 7

The last 56k dialup modem I bought in 1998 cost more than double the price of a 28k modem, and the double bandwidth was worth the extra money. New Wi-Fi 7 devices are similarly premium-priced because early adaptation of leading-edge new technology…

NAB Show 2024 BEIT Sessions Part 2: New Broadcast Technologies

The most tightly focused and fresh technical information for TV engineers at the NAB Show will be analyzed, discussed, and explained during the four days of BEIT sessions. It’s the best opportunity on Earth to learn from and question i…

Standards: Part 6 - About The ISO 14496 – MPEG-4 Standard

This article describes the various parts of the MPEG-4 standard and discusses how it is much more than a video codec. MPEG-4 describes a sophisticated interactive multimedia platform for deployment on digital TV and the Internet.

The Big Guide To OTT: Part 9 - Quality Of Experience (QoE)

Part 9 of The Big Guide To OTT features a pair of in-depth articles which discuss how a data driven understanding of the consumer experience is vital and how poor quality streaming loses viewers.