
Piracy as a Business: How Movie Thieves Make Billions in a Post-Pandemic World

The love affair between movie fans and online piracy platforms continues to drive millions of dollars into the hands of sophisticated hackers looking to make an illicit buck – further impacting Hollywood’s post-pandemic business model.

The piracy business model has made significant strides since its inception, evolving from shaky, in-theater camera shots to crisp, high-quality content stolen straight from the source. According to the U.S. Chamber of Commerce, online piracy is responsible for at least $29.2 billion in lost domestic revenues, 230,000 lost American jobs, and $47.5 billion in reduced GDP. In a post-pandemic world, these numbers should only be expected to climb.

One example of the changes the pandemic brought to the filmmaking industry is the turn to online streaming premieres as a fitting alternative, in hopes of successfully adjusting a once-reliable business model. Movie pirates are no doubt attempting to take full advantage of this industry shift, either by hacking into precious files containing the delectable content audiences long for, or simply by bribing a member of the film’s inner circle for special digital access to the never-before-seen content. Leaking content before its premiere is the holy grail of the online piracy world, potentially dealing the greatest blow to filmmakers and studio executives seeking to reap the benefits of a stellar box office run or streaming performance.

When following the money trail, the vast majority of online pirates make their profit in one of the following ways:

  • Selling leaked films or establishing an illegal streaming platform – With no licensing costs and no need to comply with copyright restrictions, movie thieves can easily offer an attractive streaming or movie download service, with a wide suite of content at a much lower price point than legitimate services such as Netflix, Amazon Prime, and others, which invest millions in creating or licensing content.
  • Stealing personal information – The pirated content is offered for free, but it requires the user to install “special software” in order to access the content. The security risks associated with downloading apps that offer “free content” are enormous. While the user/victim enjoys the “free content,” hackers use the installed software to access and control the victim’s device. Personally Identifiable Information (PII) can be sold for thousands on the dark web, and some hackers double dip by charging the victim a fee to access the pirated content while also stealing and selling the victim’s personal data. In other cases, hackers enlist the user’s compromised device in botnets used for DDoS attacks and other illegal cyber activities.
  • Minimal Advertising – Some pirates have adopted the Advertising Video on Demand (AVOD) business model, where users have to watch online ads to access the desired (pirated) content. A key differentiator between legitimate and pirate AVOD services is the amount of advertising. Since pirate AVOD services do not pay for the content, their business model can afford a lighter ad load, which could be more attractive to viewers who abandoned legal platforms.

Some of the illegal services have great user experiences and content discoverability. Often, users mistake these new services for legitimate streaming services.

The variety of ways criminals can monetize pirated content makes the risk of pirating worth the enormous reward – placing valuable content in danger of being leaked, sometimes before it’s released. In parallel, users who seek to pay less for video content can find themselves paying much more to recover an identity that was stolen through the pirated content service.

Taking a holistic approach is absolutely necessary when protecting digital content from malicious actors. Only a multi-layer security strategy can provide maximum content protection without compromising the overall viewing experience.

  • Content at rest – Properly encrypting video files while they are stored and prepared for streaming to the user’s device is essential for preventing an “inside job” leak. It is also important for limiting the damage in case the streaming service is breached.
  • Content in motion – Digital Rights Management (DRM) solutions ensure that content is only streamed to an eligible device used by an approved user. DRM also protects the video content when it travels through public internet networks and infrastructure. In a typical DRM system, the video content is sent encrypted, and it cannot be used without a content key. The content key is sent to the device separately. The sent key itself is also protected with a unique key available on the receiving device.
  • Content in use – After the video content is delivered to the device, it must be decrypted so it can be processed and displayed to the user. At that stage, when the decrypted video is processed and displayed, it can be grabbed by malicious software running on the device. This malware can be installed by a legitimate, but dishonest user, or unintentionally installed by the user. Protecting content in use starts before the content is sent to the device.

The streaming service assesses the security level of the device in use to determine whether it is eligible to receive the content. If the device does not meet the required security level, the service will not provide the content. Assessment of the device security level can include checking the device OS version for known vulnerabilities, detecting device jailbreak, and looking for enabled debug modes. If the device is determined to be safe to receive the content, the content is sent. At this point, the code and application that handle the content must be protected from malware and dishonest users. This is done using application shielding techniques, which include execution tamper detection, obfuscation and whitebox technology. An attempt to attack the video-handling app in order to steal the video will be detected by the app, and the app can terminate itself in order to block access to content and keys.
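The eligibility check described above can be sketched as a service-side gate; this is an added example, not code from the article or from any DRM product. The field names, reason strings, `MIN_OS` values and the per-device HMAC key (standing in for a platform attestation signature) are assumptions.

```python
import hashlib
import hmac
import json

# Assumed minimum patched OS versions (constructed policy values).
MIN_OS = {"android": (13, 0), "ios": (16, 4)}

def sign_report(report: dict, device_key: bytes):
    """Device side: serialize the posture report and tag it with HMAC-SHA256."""
    raw = json.dumps(report, sort_keys=True).encode()
    return raw, hmac.new(device_key, raw, hashlib.sha256).hexdigest()

def parse_version(text) -> tuple:
    """'16.4.1' -> (16, 4, 1); raises ValueError on anything non-numeric."""
    return tuple(int(part) for part in str(text).split("."))

def assess(report: dict):
    """Return (eligible, reasons). Missing or malformed fields fail closed."""
    reasons = []
    platform = report.get("platform")
    minimum = MIN_OS.get(platform) if isinstance(platform, str) else None
    try:
        if minimum is None:
            reasons.append("unsupported_platform")
        elif parse_version(report["os_version"]) < minimum:
            reasons.append("os_version_has_known_vulnerabilities")
    except (KeyError, ValueError):
        reasons.append("os_version_unreadable")
    if report.get("jailbroken") is not False:
        reasons.append("jailbreak_not_ruled_out")
    if report.get("debug_enabled") is not False:
        reasons.append("debug_mode_not_ruled_out")
    return (not reasons, reasons)

def license_decision(raw: bytes, tag_hex: str, device_key: bytes):
    """Service side: release content only for an authentic, passing report."""
    expected = hmac.new(device_key, raw, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected.encode(), tag_hex.encode()):
        return (False, ["report_not_authentic"])
    try:
        report = json.loads(raw)
    except ValueError:
        report = None
    return assess(report) if isinstance(report, dict) else (False, ["report_unparseable"])

if __name__ == "__main__":
    key = b"constructed-demo-device-key"  # constructed sample key
    sample = {"platform": "ios", "os_version": "15.7", "jailbroken": False, "debug_enabled": True}
    print(license_decision(*sign_report(sample, key), key))
```

A report that omits a check is treated the same as one that fails it, so a modified client cannot become eligible by leaving fields out.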

  • Trackability – This is the last piece of multi-layer protection, and it limits the damage in case all other methods fail. Watermarking technologies uniquely identify the content used by each device. If content is leaked and pirated, it’s possible to determine which device is responsible for the leak. This is especially useful in live events, where quickly stopping the stream to the device that leaks it can disrupt pirates’ ability to provide their service and monetize pirated content.
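To make the trackability step concrete, here is an added example (not from the article or any vendor) of one common approach, A/B segment-variant watermarking: each device receives a unique sequence of "A" or "B" variants of the stream's segments, and a leaked copy is matched back to that sequence. The secret, device ids, `SEGMENTS` and the thresholds are constructed assumptions, and the detector that reads variants out of the leaked video is assumed to exist.

```python
import hashlib
import hmac

SEGMENTS = 32  # watermarked segments per title (assumed; at most 256 here)

def variant_sequence(secret: bytes, device_id: str, n: int = SEGMENTS) -> str:
    """Per-device pattern: bit i of HMAC(secret, device_id) picks A or B for segment i."""
    digest = hmac.new(secret, device_id.encode(), hashlib.sha256).digest()
    bits = int.from_bytes(digest, "big")
    return "".join("B" if (bits >> i) & 1 else "A" for i in range(n))

def trace_leak(secret, observed: str, device_ids, max_errors: int = 1, min_observed: int = 16):
    """Return [(device_id, errors)] for devices whose pattern fits the leaked copy.

    `observed` uses '?' for segments the detector could not read
    (cropped, re-encoded or missing parts of the leaked file).
    """
    readable = [i for i, v in enumerate(observed) if v in "AB"]
    if len(readable) < min_observed:
        return []  # too little evidence to attribute the leak to any device
    suspects = []
    for device_id in device_ids:
        expected = variant_sequence(secret, device_id, len(observed))
        errors = sum(expected[i] != observed[i] for i in readable)
        if errors <= max_errors:
            suspects.append((device_id, errors))
    return sorted(suspects, key=lambda s: s[1])

if __name__ == "__main__":
    secret = b"constructed-watermark-secret"           # constructed sample secret
    devices = [f"dev-{i:04d}" for i in range(50)]      # constructed device ids
    leak = "????" + variant_sequence(secret, "dev-0007")[4:]  # partial leaked copy
    print(trace_leak(secret, leak, devices))
```

For a live event, the returned device id is what the service would use to cut off the stream to the leaking session.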

The changes brought on by 2020 and their relation to consumer habits are undeniably transformational and we’re already beginning to see the permanent impact on entertainment consumption. Hollywood is struggling, making pirated content all the more threatening to the industry’s survival in a rapidly morphing digital world.


A multi-layered approach that does not disrupt the end user is essential in combating unsavory pirates in the 21st century, making content protection a core pillar for Hollywood, live sports, esports, smaller content creators and others.


Chief Operating Officer at Verimatrix