Digital Shadows, a provider
of cyber situational awareness, released its Shooting the Messenger: Understanding
the Threats to the Media and Broadcasting Industry report which revealed that
revenue generating websites are a threat to media businesses’ bottom line and
are increasing with malvertising, extortion, propaganda, account take over and
data leakage being the most common attacks targeted towards media and broadcast
organizations. The Digital Shadows report further revealed that the
insecurity surrounding Internet of Things (IoT) devices, such as Wi-Fi-enabled
cameras, surveillance systems, lighting, and even fridges, is presenting
cybercriminals and hacktivists with more opportunities to target media and
broadcast organizations. The report further revealed that as the media and
broadcasting industry are increasingly conducting more business online as a
growing demand from customers, there are projections of revenue increases of
$100 billion by 2020 but the threat of having their websites forced offline and
becoming unavailable to customers represents a serious business risk.
of cyber situational awareness, released its Shooting the Messenger: Understanding
the Threats to the Media and Broadcasting Industry report which revealed that
revenue generating websites are a threat to media businesses’ bottom line and
are increasing with malvertising, extortion, propaganda, account take over and
data leakage being the most common attacks targeted towards media and broadcast
organizations. The Digital Shadows report further revealed that the
insecurity surrounding Internet of Things (IoT) devices, such as Wi-Fi-enabled
cameras, surveillance systems, lighting, and even fridges, is presenting
cybercriminals and hacktivists with more opportunities to target media and
broadcast organizations. The report further revealed that as the media and
broadcasting industry are increasingly conducting more business online as a
growing demand from customers, there are projections of revenue increases of
$100 billion by 2020 but the threat of having their websites forced offline and
becoming unavailable to customers represents a serious business risk.
“Attacks can either be
opportunistic in nature, whereby a threat actor will target an organization
having discovered a particular software vulnerability on a public-facing site,
or more targeted as the organization may hold particularly sensitive or
lucrative information that can be used for a variety of malicious uses.
Broadcasting services represent potentially worthwhile targets as they often
hold extensive personal details about their customers, such as names, dates of
birth, physical addresses and payment information,” said Chris Brown, VP EMEA,
Digital Shadows.
opportunistic in nature, whereby a threat actor will target an organization
having discovered a particular software vulnerability on a public-facing site,
or more targeted as the organization may hold particularly sensitive or
lucrative information that can be used for a variety of malicious uses.
Broadcasting services represent potentially worthwhile targets as they often
hold extensive personal details about their customers, such as names, dates of
birth, physical addresses and payment information,” said Chris Brown, VP EMEA,
Digital Shadows.
By their very nature, news
sites attract large amounts of traffic. While this is great for their business
models, it makes them an attractive target for malvertising, which is often
used as a vector to compromise users who visit legitimate websites. Because
advertising content can be inserted into high profile and reputable websites,
malvertising provides online criminals with an opportunity to push their
attacks to web users who might not otherwise see the advertisements, due to the
use of firewalls or other safety precautions. The ‘Shooting the Messenger’
report further revealed a different approach to cyberattacks – typosquatting –
where attackers use domain names that are similar to launch a wide variety of
online fraud including phishing campaigns.
sites attract large amounts of traffic. While this is great for their business
models, it makes them an attractive target for malvertising, which is often
used as a vector to compromise users who visit legitimate websites. Because
advertising content can be inserted into high profile and reputable websites,
malvertising provides online criminals with an opportunity to push their
attacks to web users who might not otherwise see the advertisements, due to the
use of firewalls or other safety precautions. The ‘Shooting the Messenger’
report further revealed a different approach to cyberattacks – typosquatting –
where attackers use domain names that are similar to launch a wide variety of
online fraud including phishing campaigns.
Chris Brown further added,
“Given the availability and low barriers of entry to leverage DDoS tools, one
can expect both the frequency and size of DDoS attacks to increase. However,
DDoS attacks are only one piece of a far larger threat landscape for media
organizations. IoT botnets have also demonstrated the capability to launch high
volume denial of service attacks and despite increasing awareness, the security
of IoT devices is likely to remain an issue for the foreseeable future as a
growing number of Internet-facing products are insecurely brought to the market
and threat actors develop ways to exploit them. Security professionals must
understand the other threats that pose risks to their industry including
malvertising, extortion and data leakage and by understanding these threats, as
well as the actors behind them, media and broadcasting companies can better
secure themselves and their customers.”
“Given the availability and low barriers of entry to leverage DDoS tools, one
can expect both the frequency and size of DDoS attacks to increase. However,
DDoS attacks are only one piece of a far larger threat landscape for media
organizations. IoT botnets have also demonstrated the capability to launch high
volume denial of service attacks and despite increasing awareness, the security
of IoT devices is likely to remain an issue for the foreseeable future as a
growing number of Internet-facing products are insecurely brought to the market
and threat actors develop ways to exploit them. Security professionals must
understand the other threats that pose risks to their industry including
malvertising, extortion and data leakage and by understanding these threats, as
well as the actors behind them, media and broadcasting companies can better
secure themselves and their customers.”
Email addresses of media
and broadcasting organizations have also been leaked through other breaches. In
a recent Digital Shadows report that analyzed the extent of credential
compromise from the world’s biggest 1,000 companies, many leaked
credentials were discovered. By analyzing nearly 30,000 claimed breaches,
discovered across paste sites, criminal forums and dark web sources, we
discovered over 935,870 email and password combinations for the media and
entertainment industry. The top breaches were, somewhat unsurprisingly, social
media platforms. Indeed, MySpace, LinkedIn, and Tumblr breaches were responsible
for a respective 41, 14 and 3 percent of the total leaked credentials.
and broadcasting organizations have also been leaked through other breaches. In
a recent Digital Shadows report that analyzed the extent of credential
compromise from the world’s biggest 1,000 companies, many leaked
credentials were discovered. By analyzing nearly 30,000 claimed breaches,
discovered across paste sites, criminal forums and dark web sources, we
discovered over 935,870 email and password combinations for the media and
entertainment industry. The top breaches were, somewhat unsurprisingly, social
media platforms. Indeed, MySpace, LinkedIn, and Tumblr breaches were responsible
for a respective 41, 14 and 3 percent of the total leaked credentials.
For the LATEST tech updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube Channel!