Some consumers may see this as a problem for media operators, which doesn’t impact them, but this is very much not the case. Consumers want content on the devices of their choosing at any time, while receiving a customized experience and value for their money. As the industry works hard to continually fulfil this need, both the industry and consumers should be very concerned about security and piracy.
Content redistribution piracy has come to the forefront as the main form of piracy over recent years. The scale of this challenge was emphasized recently by Irdeto data which found 5,100 unique illegal streams redistributing games over the internet during this year’s Champions League knockout stages. Irdeto also detected 339 streams that illegally redistributed the Anthony Joshua vs. Joseph Parker fight in April. Many of these lower quality, illegal streams put consumers at risk of missing key moments of these high-profile events as they are detected, taken down or drop out. However, this is by no means the only risk that consumers should be wary of when it comes to piracy.
While illegal pirate services can provide an experience that fools consumers into believing they are legitimate, the bottom line is that by watching illegal streams, knowingly or unknowingly, consumers are potentially exposing their devices, data and families to risks of cybercrime, inappropriate content and other threats. Recent research from Carnegie Mellon as cited in the Daily Express found that the risk of exposure to malware and other threats has a direct correlation with the time spent on pirate sites. In addition, those who go a step further and think about sharing premium content illegally should be aware that they could face charges or legal action as a result. For example, last year a man received an £85,000 bill from Sky as a consequence of a friend illegally streaming the feed from his subscription.
While much of the current focus is on content redistribution piracy and measures to detect and deal with illegal streams, it is important that the availability of content on other piracy platforms is not underestimated, as they continue to be prominent. For example, peer-to-peer (P2P) piracy is still a threat as Bittorrent provides the primary distribution network for high quality video files (e.g., Bluray). P2P isn’t losing popularity as fast as people think, even with the increase in bandwidth capacity. Illicit Streaming Devices (ISD) or “fully-loaded” boxes are also a problem, as users can buy plug-and-play devices that make use of illegal addons for open source software, such as Kodi. Alongside this, there is another threat that all consumers must beware of, whether they have ever come into contact with illegal content or not. The growth of both pureplay OTT services and OTT offerings from operators has led to a big market in stolen credentials. The question is; how can consumers know if their credentials have been compromised and what impact could it have on them?
The Irdeto Global Consumer Piracy Threat Report looks at global piracy hotspots, pay TV credential availability on the Dark Web, and the market in ISDs. It also analyzes the threat to consumers, outlining how they can be vigilant and ensure they avoid being negatively impacted. The insights are based on data monitoring conducted by Irdeto’s expert cybersecurity services unit and additional data provided by a web analytics partner.
Have Your OTT Credentials Gone Dark?
It’s important for consumers and operators alike to understand that today, piracy and cybercrime are not necessarily separate threats as they will often come from the same origin. The same digital and connected TV platforms that cybercriminals target for illegal redistribution of content also act as attack surfaces for hackers looking to gain access to service providers’ networks and potentially steal customer information and other important data. Today’s cybercriminal has customers to satisfy, money to be made and must consider their return on investment (ROI) just like any other business. This is where the Dark Web comes in. The Dark Web is widely used for the sale of stolen and illegal goods and services. Via Dark Web marketplaces, a variety of products, accounts and services can be bought. This includes account credentials for a range of pay TV and Video on Demand (VOD) OTT services. These marketplaces are located on a special-use TLD (Top-Level-Domain) only accessible from browsers like the “Tor Browser.” These browsers allow a connection to be established through almost-daily changing URLs that consist of several random characters. There are specific sites providing the newest URLs in real time. Almost all transactions on the Dark Web are executed via cryptocurrencies, which means it is much harder for law enforcement to track these criminals and follow the money flow. That makes this type of crime much harder to fight, thus making it more important for individuals to ‘target harden’ by securing their accounts at the point of origin.
Irdeto monitored more than 15 Dark Web marketplaces throughout April 2018 for OTT account credentials available for sale illegally and found 854 listings. These listings exposed legitimate user credentials from 42 different OTT services including Netflix, HBO, DirecTV and Hulu. Many credentials for international and regional accounts were detected and, of all these listings, the average one-off price for a stolen account was just $8.71 (roughly £6.60). Some vendors also sell bundles of credentials at a higher price, providing more value for the money. Across all eight marketplaces where credentials were observed to be sold, Irdeto detected 69 unique sellers.
Global Piracy Hotspots
With increasing broadband availability and internet speed globally, the pirates have adapted. As a result, OTT piracy, or content redistribution, is the most rapidly growing threat facing pay TV operators and content rights holders. Illegal supply of premium content, especially live events such as soccer, is driving this increase. However, we shouldn’t dismiss other forms of piracy. Advancements in technology have ensured that pirates are able to operate across borders and reach (sometimes unwitting) consumers at a scale never seen before. However, despite the fact that piracy is a global problem, there will always be regional nuances when it comes to illegal offerings and indeed consumer behavior. This was demonstrated in 2017 with the Irdeto Global Consumer Piracy Survey of more than 25,000 adults across 30 countries, which revealed, for example, that 87% of Russian consumers didn’t know that online piracy is illegal, but education on piracy could reduce the number of Latin Americans who pirate by more than 50%.
The Live streaming Piracy Hotspots
With the proliferation of high-speed broadband services, live streaming piracy has become increasingly popular, with pirates developing professional looking linking sites that provide links to a series of illegal content streams, allowing viewers to bypass rights holders. Based on an analysis of traffic to the top ten live streaming linking sites during Q1 2018, provided our web analytics partner, it was found that there was an average of 74 million global visits per month (and an average of 21 million unique visits) to these sites. In terms of global traffic hotspots, the top five countries based on average monthly unique visits, identified by the web analytics partner, are as follows: • USA – 2,934,000 • UK – 1,714,000 • GERMANY – 1,519,000 • FRANCE – 1,488,000 • CANADA – 704,897 The overall global representation can be seen in the heat map below:
P2P Piracy Hotspots
P2P PIRACY HOTSPOTS P2P piracy is still prominent around the globe and plays a central role in distributing content to the online piracy ecosystem. The high-quality video content in greatest demand on piracy sites is first released on the P2P network. In fact, web video sites source a significant proportion (28%) of their high-quality movie and TV video content from P2P sites. Irdeto tracked1 more than 800 million monthly downloads between January 2017 and May 2018 through its P2P Business Intelligence tracker. This is where global activity for more than 400 popular movie and TV titles is monitored. March 2018 was the peak in activity when nearly 977 million infringing copies of movies and TV shows were downloaded globally from P2P sites. Like the case for live streaming, the US again leads the world in the number of users accessing illegal content, with some significant differences in the countries also ranked high on P2P piracy. The top five countries for P2P downloads between January 2017 and May 2018 are as follows: • USA – 1.71 billion • RUSSIA – 1.64 billion • BRAZIL – 1.17 billion • INDIA – 965 million • NETHERLANDS – 636 million
The Illicit Streaming Devices Market
While the availability of illegal pirate streams on social media and other platforms remains a major challenge for content producers and rights holders, there is another illegal market that simultaneously needs addressing. Pirates create professional looking services to fool users into thinking their illegal content offering is legitimate and these are often offered through “fully-loaded IPTV boxes.” Provided through illicit streaming plugins for services like Kodi, the popular media player software application, pirates are using popular ecommerce sites to advertise these devices to consumers, despite these sites explicitly banning the sale of illicit streaming devices (ISDs). ISDs are often advertised around major sporting events. For example, Irdeto identified 180 advertisements for illicit streaming devices offering
Joshua vs. Parker on e-commerce websites, including eBay and Gumtree in just one day in the week leading up to the fight. Similarly, publicity around sports streaming packages has been observed increasing significantly in the run up to the start of the Premier League season. So far in 2018, Irdeto has worked to take down almost 7,000 adverts for ISDs across 60 domains. While the majority of these market places and platforms are very proactive in blocking the launch of infringing listings and in the removal of adverts for these illicit streaming devices, the industry must continue to work together against this type piracy, and consumers must also ensure that they are purchasing legitimate devices.
Global Threats, Require action for industry and vigilance by consumers
Content theft by pirates has become a full-fledged business and a formidable challenge for established pay TV operators. Content owners, rights holders, technology and security partners and law enforcement agencies are working hard to combat the threat from piracy. However, consumers must also be vigilant to avoid the threats the they may be subject to from illegal content. The onus is on consumers to think about where they access their content from and ensure that any streaming or downloading is done from legitimate sources. By watching illegal streams, using ISDs or downloading illegal content, knowingly or unknowingly, consumers are exposing their devices, data and families to risks of cybercrime, inappropriate content and other threats. They should also be aware that they could face legal action for either sharing or accessing content illegally. As far as guarding against credentials theft from legitimate OTT accounts, consumers should be vigilant of any unusual or unfamiliar activity on their account and also change their password regularly. If consumers use the same password for their OTT services as they do for a number of other online accounts (as many reportedly do), they could also be opening themselves up to a wider array of exploitative threats.
For operators and service providers themselves, this is a continuing battle where premium security now means 360-degree protection trusted by content owners, from protecting broadcast and OTT services, to end-to-end piracy control and watermarking. Cybercrime prevention services are a crucial part of this, and include cyber intelligence (the gathering and analyzing of intelligence around security threats from the Internet and Darknet) and cyber security (actions to make digital platforms more secure such as penetration testing, security risk assessments, and incident planning and response).