A cybersecurity analysis of hundreds of media industry vendors showed that many companies are slow to patch critical vulnerabilities, according to MDR and third-party risk management provider BlueVoyant.
The media industry faces various types of cybersecurity incidents, including content leaks on torrent sites and dark web forums, disruptions to the channels used to deliver content to consumers, and other disruptive attacks, such as ransomware and denial of service (DoS).
BlueVoyant has analyzed nearly 500 vendors. This includes 49 companies that supply content management, production, monetization and distribution services to most media companies, and 436 firms that represent suppliers whose products and services are widely used but not common across the entire industry.
Of all these companies, 143 had what the security firm calls ‘zero tolerance findings’, which are critical vulnerabilities in internet-facing systems that are commonly targeted by threat actors.
One or more such vulnerabilities were identified at roughly 30% of media vendors, which BlueVoyant says is nearly double compared to the multi-industry average it has observed across more than one million companies.
Looking at the distribution of these vulnerabilities, content management providers seem to be the most impacted, with half of these vendors hosting vulnerable systems. The monetization segment is the best when it comes to securing systems, with less than 15% exposing their systems to attacks.
As a specific example, BlueVoyant provided the Confluence vulnerability tracked as CVE-2022-26134. Atlassian released a patch in early June, but malicious exploitation started at least one week prior.
While this is a serious vulnerability that can be exploited remotely to take complete control of the targeted system and cause serious problems for affected organizations, BlueVoyant found that eight of the monitored media industry vendors had still not applied the patch six weeks after its release.
“Media companies need to take strong action with their vendors and suppliers, particularly in Content Management. Supply chain attacks are a common attack vector, and protecting against ecosystem vulnerabilities is critical to preventing leaks, downtime, and disruptions to the production process,” BlueVoyant said in its report (direct PDF download).
Earlier this summer, the cybersecurity firm analyzed 300 SMB subcontractors for the defense industrial base sector and found that many were vulnerable to attacks and some had likely already been compromised.