Ever since the pandemic started, we’re all still learning how to adapt while social distancing and remote work have become the new normal. As a result of these changes, video-on-demand streaming services have grown in popularity to accommodate people’s entertainment needs. More than two-thirds of companies are now investing in various types of video and audio media to reach their target audience.
The popularity of streaming services around the world has also been boosted significantly by the use of virtual private network (VPN) technology allowing viewers to bypass geo-restrictions and enjoy streaming content more securely.
Cybersecurity risks are not limited to the realm of corporate giants and massive campaigns. The most common attacks are actually the daily encounters ordinary people have with malware and spam, not APTs and large data breaches. Our increasing reliance on the internet and connected devices makes us vulnerable.
The Streaming Wars officially began in 2019, when practically all major networks rushed to benefit from consumers’ new, preferred means of watching content: streaming platforms. It all started with Apple TV+, and now we have a plethora of options like Disney+, HBO Max, Hulu, Amazon Prime Video, BBC iPlayer, and, of course, Netflix. This is in addition to a myriad of local platforms that have sprung up all across the globe. The streaming video market is predicted to reach $688.7 billion by 2024.
The move to streaming has opened up a new, profitable avenue for cybercriminals. Just a few hours after Disney + was launched, thousands of user accounts were compromised, and passwords and emails were stolen. These accounts were subsequently sold online for $3 to $11.
New streaming services aren’t the only ones at risk. Popular services like Netflix and Hulu, which were launched years ago, are great targets for malware distribution, password theft, and spam and phishing campaigns. Given the surge in subscribers triggered by the pandemic, their appeal to cybercriminals has only grown.
With so many streaming services and apps available, it’s easy to forget that they may soon turn into a feast for hackers, with our credit card details and personal info on the menu. We need to know the risks that come with streaming and some actionable steps we can take to protect ourselves. A lot of people exchange their passwords without thinking about it or use the same password across multiple platforms. Such blunders can be easily exploited by a savvy cybercriminal, who can then use your credentials for data theft and identity fraud.
Let’s look at some of the cybersecurity risks that come with using streaming services.
Phishing Attacks
Phishing is one of the oldest and most successful ways to acquire account credentials. Phishing attacks targeting streaming platforms typically involve the creation of dummy login pages in order to harvest credentials. The most popular target is still Netflix. Researchers from Kaspersky discovered bogus Netflix login sites in English, French, Spanish, and Portuguese. They also discovered Hulu clones.
The hacker’s goal might not even be access to your streaming account. They can use your email address and password to launch more spam or phishing campaigns or get access to other accounts since so many people use the same password for multiple accounts. They can also retrieve billing and credit card information associated with the account.
With millions of people subscribed to streaming platforms, cybercriminals see this as a great opportunity. According to The Guardian, 700 Disney+ and Hulu clone websites have been developed to capitalize on the current streaming boom. These websites entice people with free subscriptions before stealing their personal and financial data.
Credential Stuffing
These compromised account credentials we discussed are then used to hack into other accounts or systems. The harvested credentials are stored in databases. Credential stuffing refers to the use of automated tools to determine whether credentials harvested from one platform work on other platforms. Once again, this strategy is effective because of how common it is for people to use the same credentials across multiple platforms.
There are a variety of uses for stolen login information and credentials. The hackers that first harvest them typically sell them to other criminals on the dark web.
Attacks are most likely to occur when a popular streaming service releases a new piece of content. During those situations, people are more likely to share their account credentials, which is exactly what hackers are looking for.
Many of the accounts that have been compromised as a result of credential stuffing will be sold for as little as $3.25 USD. These accounts come with a guarantee: if the credentials don’t work after they’ve been sold, they can be replaced for free, which is a service offered by the seller to encourage repeat purchases. This service exists because brands have gotten increasingly adept at detecting and deactivating hacked accounts.
Brute Force Attacks
When hackers target login pages by trial and error, they are performing a brute force attack. They use automated bots that keep trying different combinations until they find one that works. It’s the equivalent of trying every key on your key ring until you find the right one.
Brute force attacks are straightforward and effective since hackers can rely on computers to do most of the work for them. It’s also popular because of the lack of mitigation protocols at the system’s security level. The computational power and time required depend on the length of the password.
This strategy was used, for example, to hack into Disney+ accounts.
Account Takeover
An account takeover attack occurs when a malevolent third party completely takes over your account. Once they have gained access, they can alter the account’s details, steal sensitive information, including financial details and send phishing emails to other people using the account.
Usually, the motive behind such attacks is monetary gain.
Man-in-the-Middle (MITM) Attacks
A Man in the Middle Attack is a sort of cyberattack in which a cybercriminal places themselves between two users or a user and a platform in order to alter or steal data. In this scenario, they can either be silent, only harvesting data, they could alter the data being exchanged, or they could actually be communicating with you, pretending to be someone else.
A MITM attack can affect any IP port on any network, whether internal or external. The attacker intercepts traffic and discreetly reroutes it while modifying the connection parameters between endpoints that are unaware they have been compromised. As a result, they are difficult to identify because they have no direct impact on the network.
Always check the address in your address bar. If you see anything unusual like the name of your streaming platform spelled slightly differently, double-check it, even if it’s just a minor difference.
You’ll also want to keep an eye out for repeated disconnections. Attacks will disconnect their victims to get access to their credentials when they try to log back in.
Talha Ali is your tech generalist, covering a wide spectrum of topics within the ever-evolving world of technology. With a curiosity for the latest innovations, industry trends, and breakthroughs. Whether it’s hardware, software, emerging technologies, or the intersection of tech with daily life, Talha’s articles provide readers with a well-rounded perspective on the dynamic landscape of the tech industry.