Security threats evolve as broadcasters navigate digital transformation

The broadcast industry faces shifting cybersecurity challenges as organizations balance traditional operations with streaming services and cloud infrastructure. This requires new approaches to protecting content and infrastructure.

According to Akamai’s advisory CISO Steve Winterfeld, media companies typically experience fewer distributed denial-of-service (DDoS) attacks than other sectors, such as healthcare or government. This reduced frequency stems partly from attackers’ diminished ability to generate headlines by disrupting on-demand content.

“If you impact my ability to watch Netflix, that’s not going to make headlines,” Winterfeld noted.

However, time-sensitive content like live sports remains vulnerable. The real-time nature of these broadcasts makes them attractive targets for disruption attempts.

Account fraud has emerged as a persistent threat in the media sector. Criminal organizations actively target streaming service credentials and subscription information for resale. The rise of “crime as a service” has lowered potential attackers’ barriers to entry.

“I may be an initial access broker. My specialty as a cyber criminal is breaking into a network, but I don’t have money laundering skills,” Winterfeld said. “I want to break in and sell that access to somebody else, have them come in and execute the ransomware, have them steal the accounts, steal the credit card information, whatever their business model is.”

Hacktivism concerns rise
The democratization of cyber attack tools has increased the risk of hacktivism, particularly for local media organizations that may cover controversial topics.

“Back in the day, you had to have skills to do this,” Winterfeld said. “Now you can rent those capabilities to do it, including ransomware.”

This accessibility means smaller organizations face increased risk from individuals or groups taking issue with coverage decisions.

“If that local broadcast does a feature that is critical to part of the community and somebody in that community takes umbrage, then all of a sudden that hacktivism that somebody could rent a capability and attack them is where the world has changed,” Winterfeld said.

Challenges with cloud migration
The industry’s ongoing migration to cloud infrastructure presents both opportunities and risks. Organizations must carefully balance efficiency gains against potential security vulnerabilities.

“If you have a security culture, then moving to the cloud, you’re probably going to do it securely,” Winterfeld said.

“If your goal is to move to the cloud to lower cost and you don’t do it securely, then you will increase your risk… And [if you’re moving to the cloud] without the leadership being aware, you’re accepting greater risk.”

Smaller broadcasters face particular challenges in this transition. Local stations often operate with limited technical staff who may lack cloud security expertise or have more pressing day-to-day concerns. These organizations must balance maintaining broadcast operations against implementing robust security measures.

“If your choice is to stay on the air or hire a security engineer, we know where the budget is,” Winterfeld said.

Emerging AI concerns
The integration of generative AI into broadcast workflows introduces additional security considerations. As broadcasters explore AI for content creation and automation, protecting proprietary algorithms and preventing model theft becomes crucial.

“If somebody steals the model itself, that’s proprietary information, and that’s incredibly valuable,” Winterfeld said. “As we think about the next generation of where our value is, those are the things we’ve got to think through.”

The industry must also contend with AI-generated deepfakes, though Winterfeld suggested this poses a less direct risk to broadcasters than to the subjects of manipulated content.

“If you’re a tier one broadcaster, a deepfake is not a problem to your business model. It’s a problem to a politician, a government or an organization that’s being deep faked,” he said.

2025 Outlook
Heading into 2025, broadcast organizations face an intensifying battle against content theft and fraud while simultaneously working to secure emerging technologies. NewscastStudio