Read Latest Issue now

Verimatrix cloud: the digital security guardians

Posted on Jun 9, 2021 by Verity Butler

As live events move online, the frequency, severity and sophistication of cyberattacks place streaming services under constant threat, Verimatrix is supporting cloud services in efforts to prevent this

Pay-TV broadcasters, sports franchises and major studios want to cash in on the seismic demand for viewing OTT, leading with direct-to-consumer strategies and pop-up channels for live events. As video streaming soars, criminals follow the money – and they’re stepping up their game.

Ironically, the technology that enables OTT services is also being used to attack them. These hacking tools are increasingly democratised and made easier to use — at scale. Cybersecurity has become a high-tech game, where thieves innovate their attacks faster than most organisations can adapt their defences.

Does that mean it could happen to you? Alarmingly, a Verizon Media survey of streaming media service executives reveals it probably already has. Half of survey participants said security breaches had degraded their service’s user experience. A third had suffered a service outage, while 13% reported misappropriated content. And these numbers only represent security incidents

The cloud-based component that streaming services have been waiting for

Points of vulnerability

The problem with streaming is there are so many points of vulnerability for a criminal to exploit. In security parlance, the ‘attack surface’ is huge and expanding. At each point users access your valuable media, there’s
a potential Achilles heel.

Customer payment details, email addresses, names and passwords form a treasure trove that’s difficult for hackers to resist. A wide variety of supported client devices — laptops, connected TVs, mobile phones and consoles — provide a multiplicity of weak spots.

Other types of attack include distributed denial-of-service (DDoS) to disrupt a site. Some hackers launch these to cause mischief, while others have more nefarious intent, such as holding the target to ransom.

Another cunning trick is restreaming to other sites, where pirates seek to divert advertising. These attacks strip away revenue sources, ultimately increasing service providers’ streaming and licensing costs.

Pop-up live streams could be most vulnerable

These events, such as pay-per-view wrestling matches or music concerts, are rising in popularity, with IP infrastructure now mature enough to enable them. More and more content, ranging from personalised views of an Olympic track-and-field event, to a guided digital tour of an exhibition or virtual reality gig, will be livestreamed – even in a post-pandemic world.

Professional pop-up services will have built-in basic security, such as DRM. But can every potential risk be taken into account? Dedicated channels are designed for a limited run.

They may be spun up at relatively short notice, taking advantage of consumer demand, without the checks and balances of a year-round service.

Scaling is a huge challenge. It’s possible to go from zero to hundreds of thousands – even millions – of subscribers within seconds. Can everyone swiftly access the content they’ve paid for? If someone has to wait ten minutes for the code to view a boxing title fight, the whole event could be over by the time they log on. There’s another burning question: could you eliminate illegal restreams while an event is live, rather than waiting for revenue to drain away?

Security as a service: Verimatrix and AWS Cloud

Perhaps, you don’t have the time, capacity or budget to install and verify an inventory of cybercrime tools.

You need security-as-a-service. Moreover, as the name implies, security can be delivered using the cloud based, state-of-the-art component that streaming services of all kinds – and pop-up channels – have been waiting for.

This makes sense, given the increasing size, sophistication and frequency of hacks. Shifting more of the security solution into the cloud and content delivery networks (CDNs) provides the scale, simplicity and agility needed to keep pace with changing cybercrime attack vectors.

Verimatrix hosts such a service in AWS cloud, with all these capabilities preinstalled. It offers onboarding and provisions to customers, providing an API to activate the service – with a suite of security solutions tailored to their needs. All authentication solutions – such as certificates, tokens, sessions and watermarks – are provided.

Furthermore, These are necessary to secure and decrypt the stream on all end-user devices. Whether you have 100 or 100 million end users all demanding simultaneous access, Verimatrix  works on the cloud to ensure authentication scales up appropriately.

Established companies can’t wait for annual security audits to expose vulnerabilities, or news headlines will. As for start-ups, forward-thinking security is needed to protect revenue streams.

Don’t leave it to the last minute. Thwarting piracy demands constant vigilance. Selecting the right security partner helps ensure a frictionless process that streamlines your timelines.

This article first featured in the Summer 2021 issue of FEED magazine.

Read our Spring issue article on Verimatrix.

Find out how Verimatrix defends your content across platforms

J-Stream is on par with SSAI

February 13th, 2019

J-Stream used AWS Elemental MediaTailor to create a server side ad insertion workflow for...

Microservices: everything as a code

January 10th, 2020

Cloud microservices promise to change how we do broadcasting. How far along the journey...

Taking 5G out of the lab

March 23rd, 2020

Through a process of collaboration and experimentation, Sony is helping media companies understand the potential...

How DRM can buy you peace of mind

June 5th, 2020

DRM is the most basic – and maybe the most important – building block...