As I mentioned in an earlier post, in March of this year, the Royal United Services Institute (RUSI) published a seventy-page, comprehensive report titled, “Taking the Profit Out of Intellectual Property Crime.”
The report offers an analysis of the criminal profit engine that drives audio-visual (AV) piracy and offers recommendations on what can be done to curb it.
TRENDS IN PIRACY AND ORGANIZED CRIME
This part covers twenty-six pages of the seventy (70) page report.
It is divided into two sections:
- Audio-Visual Piracy: Key Trends and Patterns
- IP Crime is Organized Crime: Piracy, Organized Crime Networks and Individual Offenders
AUDIO-VISUAL PIRACY: KEY TRENDS AND PATTERNS
This section gives us a look at the various types of AV pirates operating in this global space.
The report distinguishes between individual pirates who operate individual illegal streaming and cyberlocker websites, and organized crime groups (OCGs) that operate the more sophisticated subscription-based services.
Although it is important to track individual pirates, the authors make clear; it is the OCGs that have the infrastructure capacity to operate internationally.
“In comparison, IPTV providers are typically hierarchical and well organized due to the technical knowledge and infrastructure required to provide consistent access to high-quality on-demand and live content.”
IP CRIME IS ORGANIZED CRIME: PIRACY, ORGANIZED CRIME NETWORKS AND INDIVIDUAL OFFENDERS
Piracy as a Service
One very interesting development in how OCGs operate is that not only do they steal content and make it available through subscription and other services, they provide training and technical support to individual pirates who wish to develop their own criminal enterprise.
“IPTV’s growing dominance in the piracy landscape is made possible in part by the rise of ‘piracy as a service’ (PaaS). Using a PaaS model, organized crime networks can market and sell tools, programs and expertise to new offenders to help them begin or improve the administration of their own piracy operations. This includes the ability to purchase professional-looking website templates and fully stocked content libraries, as well as ‘middleware’ or ‘panel’ providers who provide the app-based technology to deliver IPTV content to consumers.
Cybercrime as a Service
And the availability of a service that provides the tools and support to commit piracy is consistent with the tools and support provided by OCGs to commit an assortment of other cyber crimes.
“The evolution of the easily accessible PaaS marketplace mirrors the rise of ‘cybercrime as a service’ (CaaS), a term used to capture the fact that criminals now regularly buy and sell the tools and techniques needed to facilitate cyber-enabled crimes such as distributed denial-of-service (DDoS) cyber attacks, hacking services to access specific systems, and malware and fraud.”
Here is a graphic created by Giuliano Liguori of Digital Leaders in Naples, Italy that details how Cybercrime as a Service is structured:
The ransomware attack of Colonial Pipeline a few weeks ago in the U.S. and yesterday’s reported attack of Brazilian-based JBS with meat-processing plants in the U.S., Canada, and Australia, respectively, appear to be driven by cybercrime as a service criminal groups.
In the next post, we will review the RUSI report’s analysis of piracy and criminal groups and individuals that take part in a variety of criminal schemes such as malware, identity theft, and fraud (a.k.a. Poly-Criminality.) Also, law enforcement’s effectiveness and strategies used and/or suggested to combat piracy.
Disclaimer: IPPIBlog.com is offered as a service to the professional IP community. While every effort has been made to check information in this blog, we provide no guarantees or warranties, express or implied, with regard to content provided in IPPIBlog.com. We disclaim any and all liability and responsibility for the qualification or accuracy of representations made by the contributors or for any disputes that may arise. It is the responsibility of the readers to independently investigate and verify the credentials of such person and the accuracy and validity of the information provided by them. This blog is provided for general information purposes only and is not intended to provide legal or other professional advice.
Thank You Ron
The Ransomware attacks offer a grim forecast for our IT Community.
In review it is the first time I have read the term poly-criminality
Thank You for this work
Tom Manley Special Agent FBI-Retired