Digital Shadows, a US-based provider of cyber situational awareness, released its ‘Shooting the Messenger: Understanding the Threats to the Media and Broadcasting Industry’ report which revealed that revenue generating Websites were a threat to media businesses’ bottom line and were increasing with malvertising, extortion, propaganda, account take over and data leakage being the most common attacks targeted towards media and broadcast organisations.
The report further revealed that the insecurity surrounding Internet of Things (IoT) devices, such as WiFi-enabled cameras, surveillance systems, lighting, and even fridges, was presenting cybercriminals and hacktivists with more opportunities to target media and broadcast organisations. The report further revealed that as the media and broadcasting industry were increasingly conducting more business online as a growing demand from customers, there were projections of revenue increases of $100 billion by 2020 but the threat of having their websites forced offline and becoming unavailable to customers represented a serious business risk.
“Attacks can either be opportunistic in nature, whereby a threat actor will target an organisation having discovered a particular software vulnerability on a public-facing Site, or more targeted as the organisation may hold particularly sensitive or lucrative information that can be used for a variety of malicious uses. Broadcasting services represent potentially worthwhile targets as they often hold extensive personal details about their customers, such as names, dates of birth, physical addresses and payment information,” said Chris Brown, Vice President, EMEA, Digital Shadows.
The report further revealed that by their very nature, news Sites attracted large amounts of traffic. While this was great for their business models, it made them an attractive target for malvertising, which was often used as a vector to compromise users who visited legitimate Websites. Because advertising Content could be inserted into high profile and reputable Websites, malvertising provided Online criminals with an opportunity to push their attacks to Web users who might not otherwise see the advertisements, due to the use of firewalls or other safety precautions. The ‘Shooting the Messenger’ report further revealed a different approach to cyberattacks – typosquatting – where attackers used domain names that were similar to launch a wide variety of Online fraud including phishing campaigns.