NAB 2018: Akamai Talks OTT, Hacking, and DDoS Protection
Anthony Burokas: My name is Anthony Burokas and we are here on the show floor at NAB 2018 in the Akamai booth, talking with Shane Keats. Akamai has been around a long time. I remember Apple investing in Akamai way back when, and nowadays NAB is very heavy into streaming technology. There are so many companies that will help you get your content out there. But I think at a certain point your content may get out there a little bit too much or get out of control.
Shane Keats: If Willie Sutton were alive today, I'm convinced that he'd actually go after an OTT provider and not a bank because there is so much value inside that service that it becomes a really ripe target for the hacker. And I think that's motivated really by three things. You're seeing a real shift to subscription-based monetization, so that broadcasters with an OTT service or an OTT native has consumer data that they never had to store before, and that data has a lot of value on the dark web, right?
Add in the fact that we have so many cool things to watch on TV, but that season finale or that cliffhanger episode, that too has great value on pirate sites. And finally--think about it this way--we live in politically charged times, and executive communications, those too have great value. If you're the hacker who is able to expose media communications, that's going to give you a lot of credibility. I think the hackers are really out there looking at OTT operations as a really ripe target.
Anthony Burokas: I think we've even had examples of all of that recently with the Game of Thrones episodes leaking early or emails getting leaked and behind-the-scenes communication. So there's been examples of all of that recently. In terms of what attackers are going after, what do you see as the lines of defense?
Shane Keats: I think you have to start with what they're going after, and I think that's the right question to ask. We see a lot of different attack surfaces that they're going after. One thing that's really interesting for media providers is the login page. As people shifted to that subscription-based monetization, the bad guys hire bot armies to literally attack the login page, trying to figure out whether a user password combination will lead to this account.
And let's think about it this way, they bought, on the dark web, 10,000 credentials, pennies a credential. They go use a bot army to try credential abuse, credential stuffing. And every one of those that hits, every one of those that completes that they can associate with that OTT service, suddenly instead of being worth pennies is now worth dimes, or quarters, or even dollars. Because they can extract not just the OTT subscription but they can extract PII from that, personal identifiable information, the payment card information, name, phone number, address. It's a really profitable business.
Anthony Burokas: And if someone is looking at trying to protect themselves that's one then, but then now, with distributed content creation, it's almost like we're opening a bunch of back and side doors to the wall that we're trying to put up to protect our stuff.
Shane Keats: Video workflow is inherently complicated, and you need a lot of different teams working on a mezzanine, and it's going back and forth and back and forth between teams. Unfortunately, that need opens up a threat from the outside, especially when you're using contractors for SNG or ENG, for example. It's not that these people are inherently risky, but one of them might lose their laptop, one of them might get their laptop compromised by malware. And the traditional way that you give that contractor or that third-party workflow partner access to the network is that they get an all-access badge. So they go in to use their CMS, or whatever that they need to use, but if they're infected you've given the hacker carte blanche to walk the halls and see what else is there.
One of the tools that I think media providers need to think about is a way to limit that access. We've got a product called Enterprise Application Access, which basically limits the contractor to only the tool that they need. I think video providers need to start thinking along those lines, how to limit the kind of access that they're giving to those people.
Anthony Burokas: It's a new aspect of content management to think about, so I want to thank you for introducing us to it. My name is Anthony Burokas, we are here on the show floor of NAB 2018 for Streaming Media. Thanks for watching.
This article is Sponsored Content
Akamai Cloud Wrapper aims to take the strain off cloud origins, while Direct Connect solves first-mile problems by avoiding the public internet.
Streaming Media's Anthony Burokas interviews Lightcast's Andreas Kisslinger in the Lightcast's booth at NAB 2018.
Streaming Media's Anthony Burokas interviews Magewell's Mike Nann in the Magewell booth at NAB 2018.
Streaming Media's Anthony Burokas interviews Tulix's George Bokuchava at NAB 2018.