Fear is a path to the Dark Side. Will you be turned? Understand the risks posed by employees streaming illegally
“A long time ago in a galaxy far, far away…” a multi-billion-dollar science fiction phenomenon was born. Well, maybe not that long ago, but ever since ‘A New Hope’ first appeared on the silver screen in 1977 enthusiastic children and parents alike have been captivated by the impressive cinema spectacle that Star Wars has to offer.
Despite its traditional roots (Star Wars is essentially a “cowboys in space” yarn), continuous evolution has kept it relevant. Under the ownership of Disney, the Skywalker saga has taken on the challenge to be more inclusive, more empowering of women and a better influence on the generation of tomorrow.
And so, a barrage of movies, toys, cereal boxes, soap, even a religion (you name it), have taken over the lives of everyone who’s not been living under a rock.
Ever keen to expand their empire, Disney announced in 2018 that it would soon launch its brand new ‘Disney+’ streaming service. The channel will become home to the full gamut of Disney content from princesses to Marvel heroes and it will mark a major step-change for the Star Wars franchise too, by releasing the first Live Action series ‘The Mandalorian’ on November 12th, 2019.
But here’s the snag. UK viewers are being asked to wait until March 2020!
Ok, that’s all great – but what does this have to do with Cybersecurity?
When Star Wars was released in 1977, the world was a very different place. There were no smartphones, no tech-savvy children and the only way you could see a pirated movie was speaking to a guy selling VHS tapes from the back of a van (and that does feel like “a long time ago”).
Jump back to 2019, employees and children alike have high-speed internet and are aware of the likes of Pirate Bay, VPNs, and the Dark Web, but by large many have a paper-thin grasp of the legal implications and security risks of illegal streaming. Indeed, some believe that their historic outlay on cinema tickets, VHS, DVD, and Blu-Ray represent an over-payment in royalties and absolve them from any future need for investment.
Whenever there is a hot release due, be it Game of Thrones or Stranger Things, social media and Dark Web markets are awash with scams, malicious links and all-to-easy ways to stream illegally.
Asking 68 million people to dodge spoilers for 4 months, for one the most highly anticipated releases of the decade, has gifted a golden opportunity to would-be fraudsters and hackers.
Google trends analysis shows there has already been a spike in traffic in November 2019 for users searching for “how to watch Mandalorian UK” and Skurio analysts have already identified sites being set up which claim to allow streaming of the first episode if a potentially malicious file is downloaded.
This poses a challenge for employers. As many businesses adopt BYOD (Bring your own device) there’s an increased risk of their employees letting their guard down for a slice of the sci-fi action. If it turns out that the site is hosting content from Disney+, the implications could be severe if an employee chose to view that content from a corporate IP address. Users can often be naïve when visiting illegal streaming sites, thinking that a pop-up blocker and anti-virus will absolve them of all possible harm. This does not, however, make a device immune to threats.
A report by the ‘Association of Internet Security Professionals’ stated that 97% of illegal streaming platforms are infected with malware and the ‘Federation Against Copyright Theft’ (FACT) has stated that “You are 28 times more likely to be infected by malicious software when using illegal streaming!”
Once a business device is infected with malware, there is a high risk of sensitive data leaking and we all know how that went for the Death Star.
We love Star Wars as much as the next, but the announcement by Disney has unwittingly opened the door to a wave of illegal activity which could impact UK businesses and consumers in the run-up to Christmas. Safe to say, I have a bad feeling about this…