In our latest blog, Tim Pearson looks at the much-discussed topic of CDN content piracy, including CDN leeching, and discusses what to watch for, the impact it can cause and how the risks can be mitigated.
Recently, when watching a linear commercial channel in the UK, an advert implored me to look at the latest offering from a leading multi-service provider. Today’s content distribution landscape has changed beyond recognition since the broadcast/ pay-TV era. Media and Entertainment operators are more diverse than ever, and consumers can feast on a bewildering array of direct-to-consumer services alongside more established pay-TV offerings – or as was the case with the advert, get aggregated content from several services through a single provider.
The very nature of fragmentation, then content aggregation and more recently service aggregation means today’s streaming services need to be delivered to a range of devices that are not directly within the operator’s control. Content is distributed through specific and aggregated apps and operates in an environment that provides a significant surface area for piracy. This means that measures previously seen as sufficient, such as multi-DRM, are just addressing the tip of the iceberg. On that same iceberg and currently lurking below the waterline is another growing trend that has enjoyed much debate – CDN piracy, including CDN leeching.
Growth of CDN Piracy
A recent NAGRA analysis of customer networks found that pirate services were using petabytes of operator data at significant cost. This meant operators were being hit twice – lost revenues from subscribers churning to pirate services (accelerated during a cost-of-living crisis) and additional costs from pirates directly accessing security-compromised content on the operator’s CDN. With macroeconomic pressures creating further market turbulence, the industry has sought solutions to address this risk. The NAGRA approach has been to extend the capabilities of its Active Streaming Protection framework to address CDN content theft directly. We’ve called our newest module CDN Gatekeeper.
Identifying CDN Content Theft
While robust security defenses already exist in CDNs, consumer use cases open vulnerabilities that lead to CDN content theft, such as CDN leeching. An example is where operators need to allow consumers to continue watching content across multiple devices that share an IP address. This consumer demand for content portability creates a loophole that pirates can exploit. This requires significant AI-powered analytics to identify those accounts with excessive numbers of devices across multiple geographies to indicate pirate activity. However, this analytic approach requires care to separate illicit usage from legitimate usage of the operator’s service depending on the rules and policies adopted by the operator.
Pirate Access to CDN Content
Pirates infiltrate operator CDNs in several ways. One route is via the app provided by the operator. Unsecure apps without solid code obfuscation expose valuable DRM license files that pirates will hack to extract the keys and then create their own license files for illicit distribution. Equally, once the CDN location has been identified, the CDN access token needs to be continually refreshed by the pirates to ensure there is no service break.
Disrupting Access to Content Originating from CDN Piracy
When it comes to disrupting pirate activity, a direct takedown is not always the best solution. This is akin to whack-a-mole, where one stream is closed, and the pirates then launch a new one almost instantaneously. Through years of analysis, NAGRA teams have identified that pirate monitoring of their services extends to simply whether the stream is operational. This means other countermeasures need to be adopted to focus on disrupting the user experience – which as a result, leads to users churning, and ultimately deprives pirates of revenue. Such disruption is often undetected by the pirates and success can be measured by the almost instant reaction on social media of disgruntled users who churn away from the pirate service in search of a non-disrupted offering.
When it comes to solutions, a combination of powerful AI-based analytics, session-based watermarking and security software deployed at the CDN edge through which to identify the illicit traffic offers sound protection. Data from each of these areas is then reviewed holistically in tools such as the Security Monitoring and Analytics module of NAGRA Active Streaming Protection. This allows operators to have a view across their entire network and be alerted to suspect illicit activity that requires further analysis.
Staying One Step Ahead
Content and service piracy in the media and entertainment industry does not stand still. A former TV pirate who recently spoke to NAGRA said, “Pirates use increasingly sophisticated technology. To beat them, the industry needs to use better technology.” For this reason, NAGRA continues to invest in the fight against streaming piracy as a proud member of several cross-industry coalitions, including Alianza, CAP, Sygnat, and BCAP.
Through the identification of scenarios, including those outlined above, NAGRA Active Streaming Protection’s CDN Gatekeeper has directly addressed significant volumes of CDN piracy, including CDN leeching. Blocking such illicit activity has secured investments in content, ensured terms of content license agreements have been adhered to, and demonstrated the value that can be derived from a holistic streaming security solution through which to protect creativity and fight piracy.
If you would like to learn more or continue the conversation, please get in touch with us or visit our website to learn more about our Active Streaming Protection solution and CDN Gatekeeper, winner of CSI Magazine’s Best content protection technology award in 2023.