EVEN a cursory web search in any country will offer you “fully-loaded” set-top boxes.

These devices provide media over the internet to your home or place of business, and the benign phrase “fully-loaded” usually refers to their ability to stream copyright-protected material, for free.

In many areas of Asia, you can walk into smaller stores and buy one of these devices over the counter. A study by Digital TV Research[] showed that 52 percent of the 25,000 thousand people interviewed stated they knowingly used this type of set-top box or other means to gain access to media which had bypassed protection by DRM (digital rights management) measures.

Last year’s Mayweather vs. McGregor fight – dubbed the most-watched boxing contest ever – was available free-to-view (illegally) via 23 streams.

Media piracy loses the film and TV industries billions of dollars every year, and the risks of supplying the means of obtaining illicit media are considered (by store owners and online traders) to be well worth it.

The hackers who have the skill to obtain access to the original, protected media are undoubtedly very well rewarded, plus there’s also the rich pickings for the same subset of criminals to exploit the open nature of many delivery devices. A case in point: the Android set-top boxes are relatively easily hacked, placing users, and their households at risk.

Of course, it’s not just media providers who suffer from online piracy. The games industry, to be worth around US$128 billion annually by 2020, according to some estimates, also has a severe problem with rogue copies of its wares distributed online and via physical media. Modern games are as expensive to produce as movies and TV series, so similar scales of losses are also being felt in this industry.

For many years it was problematic to pirate media on any scale or with any quality. Pirated movies were often shaky second-hand recordings made in movie theaters by camcorder-wielding individuals, whose efforts would be quickly duplicated onto low-quality VHS tapes and sold off-grid for a few cents each.

However, since digitization, all media is rendered down to an (often literal) stream of zeroes and ones. And once any media becomes data, it is as susceptible to theft, copying and distribution as any other form of data – and of course, with no perceptible degradation of quality.

Modern media creators and distributors are therefore subject to the same problems that are currently affecting all areas of commerce, enterprise, and organizations – that is, the problem of how to protect digital property (aka data).

The business consequences of the loss of the latest series of a popular TV show to hackers bring home to a broader population the problems caused by data egress and distribution. But the self-same problem has massive business consequences for any organization which uses data: and short of the company working out of a basic artisan’s workshop, that means just about every business.

In all businesses (record company, financial institution, movie studio, law firm or tiny startup), the issue of digital protection can be broken into three areas of concern, which are the same, in the purest of data terms, whatever the industry.

Data is, in security terms, a great leveler.

Raw Materials


At the heart of every enterprise, there is a need to hold data. From a premises-based hard drive to distributed nodes of public cloud providers, the raw material of commerce, data, needs to be kept safe.

Individual devices can be given protection in the form of additional software installed on them, or on the devices which surround them to distribute or protect the data – routers, switches, firewalls, aggregators, load balancers.

Resources

The zeroes and ones, when read off storage media, form a product with some kind of value. This might be a single Excel sheet (albeit one which holds the financial keys to a small business) right up to the petabytes required for a full-length 4K movie and its component parts.

To protect products, enterprises can encrypt files by a variety of means which depend on their use: DRM for creative, certification authority-based SSL for financial assets distributed over the web, and information of all varieties (instrument telemetry, audio, machinery performance data, digital currencies) made more secure by a range of means, such as public and private key interchange methods.

Endpoints

The “fully-loaded” set top box is, in network security parlance, an endpoint which is subject to the same problems and issues as a Windows XP desktop machine or a high-end Android phone.

The device on which data is used is another route to data exfiltration and misuse. That might be a stock exchange trader’s workstation, the autonomous car display & steering mechanisms, or a smart TV screen.