To mark Cybersecurity Awareness Month, we've updated our post looking at how educating viewers regarding the risks from malware can help reduce TV piracy.
One of the most popular blog posts we have ever written is 6 Ways To Stop Digital Piracy. This looks at all the various means available to operators to stop consumers from accessing their content illegally, and number two on the list is PR and education.
There are several different strands to this. Netflix, for example, has taken action against the problem of password sharing, pointing out to viewers that it is illegal to share your password, even with family members; it is a per-household subscription. At the same time, it has tried to move people towards maintaining their own accounts via various mainly 'nudge' tactics. This strategy has proved successful for the company. In its last quarter, it added 8.8 million viewers, and it attributes a good proportion of that growth to implementing the scheme.
Meanwhile, efforts have been successfully made in many countries to persuade consumers that rather than being simply ‘something everyone does’ - a normative crime - video piracy is not only illegal but something that has a severe knock-on effect on the entire industry. The argument is that less revenue means less content and less programming available from legal and illegal providers. If everyone stops paying, then nothing ever gets made.
However, one of the most effective tools available to operators has been highlighting the threat of malware for consumers of illegal content and the fact that accessing it also provides a ready-made route into domestic homes for cybercriminals.
A growing threat
Malware has been an increasing threat for several years now. The Covid pandemic resulted in a massive spike in malware activity as a growing number of workers worked from home using their own equipment, and IT departments could not cope with a massively expanded attack surface. The video industry had to cope with its own increases in demand during Covid, too. Still, the rising threat of malware here has been less about the overall numbers and more about the pivot from downloading illegal content to streaming it.
Downloading via BitTorrent and other P2P networks has always required some technical know-how. Often, the people accessing content this way were well informed of the potential for malware and viruses to attack their computers and took appropriate actions. However, as video piracy has become "easier" via web browsers, so have the attacks made through them.
As a recent report from the AAPA (the Audiovisual Anti-Piracy Alliance) puts it: "Every device connected to the internet that is involved in the audiovisual piracy value chain – including mobile phones, tablets, PCs, STBs, Smart TVs, and so on – is a potentially infectable endpoint.”
The UK-based FACT (Federation Against Copyright Theft) analyzed 50 streaming sites, and all 50 were found to have malicious content. Cybersecurity experts classified over 90% of sites as ‘risky,’ while more than 40% had no security certificate. Users were “bombarded” with threats, which included banking trojans, crypto scams, and extreme or explicit pop-ups, while they also found that finding the content they wanted to watch was more difficult than ever as they were bounced around the web.
QoE is not one of the pirate’s strong points…
71 seconds to compromise
To measure the extent of the problem, the researchers set up several simulated use cases — a PC, a tablet, and an STB — and pointed them at sites on several devices known to host illegal content. These fake users then replicated the behavior you would expect from ordinary members of the public: registering, clicking on links, searching, etc. The researchers then looked at what happened.
Unsurprisingly, PC users suffered the most extensive range of attacks. Attacks ranged from pop-up windows to cost-per-click fraud malware, browser notification hijacking, browser extension installation, adware, full-on malicious application installation, malicious banner ads, and more, as well as many other intrusive but more mainstream revenue generation attempts.
That is not to say that mobile users got off lightly. Out of 33 IPTV apps tested on Android devices, 19 contained malware, making the chances of downloading a piracy-oriented IPTV app with a hidden malware cargo 57%. Meanwhile, no malware or even unwanted patterns of advertising (intrusive banners or interstitials) were observed on the Android TV STBs.
And all this happens swiftly, as a PC can be compromised in just over a minute and 71 seconds.
Here are the details of what happens during one session.
“During that time, [users] were presented with two popups – one, a Russian browser promising cash discounts for internet purchases, the other, selling CPC [cost per click] leads for Game of Thrones traffic – followed by their screen becoming locked, and providing an actual phone number to call Microsoft to unlock the PC due to the presence of cyber threats. The number was verified as not belonging to Microsoft – in fact, it was a scammer phone number, where the scammers tell the consumer that they need “technical support” during which a Remote Access Trojan is planted on the computer.”
The best defense against malware?
It’s a worrying story but an increasingly common one. One important aspect of the experiment is illustrating that malware “is not just an APAC problem.” The compromise experiment above was built on the work of one mounted by AVIA, which showed that in the APAC region, the time to compromise was as little as 43 seconds. The difference between the two regions is, therefore, 28 seconds. Arguably, consumers protected by an extensive legal and regulatory network in Europe could expect a more extended grace period before they are attacked. The fact that they do not have one showcases how widespread and insidious the problem is.
And it is not going away. In May, we wrote that Popular Android TV boxes are being sold with malware payloads, while only this month, news has emerged that the problem may be worse than first thought. Researchers have found seven additional Android streaming boxes with similar backdoors, one tablet, and signs of at least another 200 Android device models that may be compromised.
The best defense against malware is to avoid visiting the sites, buying non-branded TV boxes, or downloading the apps in the first place. This is the critical message to get across to customers and is the hardest-hitting one.
Everyone knows the dangers of cybercriminal activity, from simple fraud through ‘card not present’ transactions to ransomware and outright identity theft. Indeed, one in five Europeans experienced identity theft in the two years up to 2020.
As an industry, helping to educate our customers about the dangers of clicking on the button that will take them to an illegal streaming site is a powerful argument to stop them from wanting to do it in the first place.
