Note: We have split the article into 2 halves. In Part -1 , we have discussed Media industry and what kind of cyber threats this industry has already faced. In Part – 2, we have discussed how these cyber threats happen, why they happen and what is the solution for this
Just think of a situation when a large media production house does intense promotion of a web series with lots of enthusiasm and expectation. Just a couple of days before the scheduled streaming, there was a system breach and the entire series was stolen and leaked on the internet by some unknown user to affect the grand release. Can we ever imagine the amount of loss the production house will have to bear? The entire project that involved money, hard work, planning, resources went meaningless miserably.
It has been conventionally noticed that the Media/ Entertainment industry nurtures a preconceived notion that this industry bears less risk of cyber threats. This lackadaisical attitude gives ample scope for cyber criminals to explore the vulnerabilities and breach data. Many incidents have already proved that media companies are not at all spared by hackers. In fact, the intellectual properties in the entertainment industry and the confidential data entice the cyber criminals to perform data breach. Poor (sometimes non-existent) IT security infrastructure makes their job easier.
Media Industry is categorized into three types:
- Digital Media
- Electronic Media
- Print Media
Unfortunately, none of these segments are spared by cyber criminals. We do come across instances where all three types of industries have been targeted in different ways and caused irrecuperable losses.
During October 2015, a group of hackers stole the personal data of current and ex-subscribers between July 2012 and August 2015 of Dow Jones Media. According to investigation reports, the hackers stole credit card information of almost 3,500 individuals including names, mailing addresses, emails, and contact numbers. Along with this incident, within a span of a few months, Avid Life Media (parent company to Ashley Madison), revealed that hackers had obtained illegal access to the computer networks and breached almost 10 gigabytes of confidential private information including customer names, emails and even credit card details.
The Sony Pictures hack in 2014 is considered to be one of the biggest hacks in the media industry. As reports say, almost 200 GB of sensitive personal data were compromised beyond recovery. These data not only includes personal information like names, contact numbers but also employees’ family details, salaries, and bank accounts. Even copies of unreleased Sony films were also taken hostage by the hackers and put the organization under huge embarrassment in front of the whole world.
A couple of years later, HBO, another popular US channel accepted and unveiled that they have faced a cyber attack with almost 1.5 TB of data compromised by hackers. This data majorly includes confidential proprietary information including some upcoming programmes that were supposed to launch in a grand scale. If we compare, the amount of HBO data breached is almost 7 times that of Sony Pictures.
Almost a year back in December 2018, The Los Angeles Times experienced a deadly malware attack which resulted in the disruption of printing newspapers. This unique incident proved that even the printing media industry can be vulnerable to cyber-attacks. This was relatively rare and the type of malware proved that the attack happened from outside the United States. This attack not only affected the printing of The Los Angeles Times for more than two days, but also The New York Times and The Wall Street Journal which share their printing with the Los Angeles plant. This incident was a big eye-opener for the IT security officials who used to keep this industry away from security vigilance.
(Continues in Part – 2… keep posted)
ARCON is a leading enterprise risk control solutions provider, specializing in risk-predictive technologies. ARCON | User Behaviour Analytics enables to monitor end-user activities in real time. ARCON | Privileged Access Management reinforces access control and mitigates data breach threats. ARCON | Endpoint Privilege Management mitigates risks arising out of endpoints. ARCON | Secure Compliance Management is a vulnerability assessment tool.