Why Video Pirates Threaten Viewers and Businesses During OTT Streaming Storms

The streaming wars have already begun, and with the most recent launches of Disney+ and Apple TV+, these streaming services are in fierce competition for subscribers’ dollars. But we believe the media powerhouses shouldn’t be battling one another – instead, they should focus their efforts on a common enemy that threatens the very viability of their streaming business: video piracy.

The problem doesn’t just concern illegal streaming of content; it’s about non-paying users having full access to streaming services, allowing them to enjoy premium content, high video quality and a rich user experience, with just a few clicks.

More than 4 billion user credentials were compromised in different data breaches in 2019 alone. Hackers first obtain username and password combinations exposed on these data breaches or from phishing sites, and run them through account checkers – tools for validating the credentials found on a breach against a specific service. In addition to jeopardizing the digital identity of subscribers, this is the entry point for different credential attacks, which can result in stolen credentials available for sale on different marketplaces and forums on the open or dark web. Some very popular sports services, for example, can cost only $15 for lifetime access on these “marketplaces,” and a monthly pass for a popular streaming service can cost as little as $2.50 in underground hacking forums.

What Can Streaming Service Providers Do?

Streaming service providers need to be more vigilant about assessing the risk posed by credentials-based attacks. When a subscriber’s personally identifiable information (PII) is exposed, service providers are exposed too, to a variety of risks. Hackers may have more sinister motivations than just obtaining access to a video service. Once they break in, it leaves the door wide open to commit other cyber-crimes with the same set of credentials, which may provide access to mobile or Wi-Fi services, for example. If service providers overlook credentials fraud, they are exposed to a loss of revenue from potential customers, increased infrastructure costs, liability to bear the fraud expenses, loss of confidence from customers, a tarnished reputation and expensive legal actions.

So how do we close and padlock this door?

The obvious steps are preventative: Data centers must be secured to help ensure that the next data breach does not come from the service providers’ networks, and subscribers must be educated to use different credentials across multiple services.  The less obvious, but perhaps more insightful and effective solution, involves a comprehensive understanding of the threat landscape and actionable intelligence.

Four Steps to Fight Video Piracy

At Synamedia, we help understand the threat landscape, and provide the tools and services to detect and respond to credentials fraud. For example:

We constantly monitor leaked credentials from recent data breaches. In a recent sample, we monitored over 3 million credentials for our customers, and validated that 8,000 of these could be used to access customers’ OTT services (80% of these were already offered for sale on marketplaces and forums). We identified the specific compromised user accounts so that our customers could take action. Below is an actual offer of 220 validated credentials of a popular OTT service, which were recently for sale on a hacking forum.

We track and analyze the different tools that enable hackers to check lists of username and password combinations against video services in a scalable way, using bots. This example shows a checker of a specific OTT service. All the buyer has to do is insert a list of compromised credentials and the tool will automatically return those that are active in the OTT service.

We detect on a regular basis phishing sites that target our customers.

We help assess the overall threat to a service, considering different indicators such as discussions on hacking forums and social platforms, scam tutorials, number of credentials at risk and more. Below is an actual Telegram message that uses stolen credentials to attract users to other potentially profitable offerings.

Armed with this information, video service providers can take the right action, whether it’s informing subscribers that their credentials are compromised and requesting them to take precautions, or being proactive and enforcing multi-factor authentication or resetting passwords.

To stay ahead of the pirates, we need to think like they do, know how they work, and move even faster than they will. We provide the technology to stay on top of pirate activity, combined with intelligence from Synamedia’s Operational Security team to see where they’ll go next. Our expertise in both video and cyber security can help defeat piracy and ensure a healthy and viable streaming marketplace.

For more information, check out our credentials sharing and fraud insight service.

Download our Guide on How to Prevent Illegal Streaming here.

By Rinat Burdo and Orly Amsalem. Rinat & Orly are both Senior Product Managers for Video Security solutions at Synamedia.