Digital Shadows has released its “Shooting the Messenger: Understanding the Threats to the Media and Broadcasting Industry” report which revealed that revenue generating websites are a threat to media businesses’ bottom line. The threats are increasing with malvertising, extortion, propaganda, account take over and data leakage being the most common attacks targeted towards media and broadcast organizations.
The Digital Shadows report further revealed that the insecurity surrounding Internet of Things (IoT) devices, such as Wi-Fi-enabled cameras, surveillance systems, lighting, and even fridges, is presenting cybercriminals and hacktivists with more opportunities to target media and broadcast organizations. The report also reveals that as the media and broadcasting industry are increasingly conducting more business online, there are projections of revenue increases of $100 billion by 2020. However, the threat of having their websites forced offline and becoming unavailable to customers represents a serious business risk.
“Attacks can either be opportunistic in nature, whereby a threat actor will target an organization having discovered a particular software vulnerability on a public-facing site, or more targeted as the organization may hold particularly sensitive or lucrative information that can be used for a variety of malicious uses. Broadcasting services represent potentially worthwhile targets as they often hold extensive personal details about their customers, such as names, dates of birth, physical addresses and payment information,” said Chris Brown, VP EMEA, Digital Shadows.
Because advertising content can be inserted into high profile and reputable websites, malvertising provides online criminals with an opportunity to push their attacks to web users who might not otherwise see the advertisements, due to the use of firewalls or other safety precautions. The ‘Shooting the Messenger’ report further revealed a different approach to cyberattacks – typosquatting – where attackers use domain names that are similar to launch a wide variety of online fraud including phishing campaigns.
Chris Brown further added, “Given the availability and low barriers of entry to leverage DDoS tools, one can expect both the frequency and size of DDoS attacks to increase. However, DDoS attacks are only one piece of a far larger threat landscape for media organizations. IoT botnets have also demonstrated the capability to launch high volume denial of service attacks and despite increasing awareness, the security of IoT devices is likely to remain an issue for the foreseeable future as a growing number of Internet-facing products are insecurely brought to the market and threat actors develop ways to exploit them. Security professionals must understand the other threats that pose risks to their industry including malvertising, extortion and data leakage and by understanding these threats, as well as the actors behind them, media and broadcasting companies can better secure themselves and their customers.”
