Why the Media Industry is a Juicy Target for Hackers and Bad Actors

In today’s digital world, cybersecurity is not something that can be ignored any longer. While many organizations across every industry ramp up their focus on cybersecurity, some industries are more vulnerable than others when it comes to cyber threats.

Unfortunately for media organizations, the sector might have the greatest exposure to such threats. The media landscape has changed beyond recognition since the 1990s, and the shift to digital has underscored the transition.

With media organizations operating almost entirely online these days, they have a massive attack surface to protect. Making matters worse, the digital products companies in the industry create are in high demand, meaning there is a significant risk of being infiltrated and robbed of valuable content — both by individual hackers as well as organized crime organizations and nation-states.

In fact, the 2018 Cost of a Data Breach Study revealed that year after year, data breaches continue to increase in cost while resulting in more consumer records being lost or stolen. For the media sector, each breached record costs the industry $134, slightly below the global average across industries.

Threat Types

Whatever their size, media companies need to be aware of the various threats they’re facing on any given day. As is the case in most other industries, attacks that use an organization’s website as the point of entry occur quite often. Additionally, social engineering attacks, such as spear phishing, which trick people into giving away passwords and other sensitive information, are also rather common. But what makes the online media industry unique is due to the large number of people who use its services, the industry itself can serve as a vector for launching attacks.

The public footprint of media organizations makes them ideal targets for visible impact to a wide audience. As a result, threat actors are looking to piggyback on these communications channels to spread their own potentially dangerous message.

A solid example of this danger is the “watering hole” attack in which hackers breach a popular website and then use it as a delivery platform for malware. The goal of this type of attack is to infect a targeted user's computer and gain access to the network at the target's place of employment.

While watering hole attacks aren’t incredibly common, they do pose a substantial threat as they aren’t easily detected and typically target an organization’s most sensitive data through its low-security employees, business partners, connected vendors or an unsecured wireless network.

Fake News?

A separate threat that also utilizes online media itself as an attack vector involves hackers and bad actors altering news sources to trick people or automated programs into making ill-informed, misguided decisions. There are several well-known instances of high-profile online media accounts being hacked to feed deceptive information to the masses.

As a matter of fact, in one extreme example, the Twitter feed of the Associated Press tweeted out a report that President Barack Obama had been injured in an explosion at the White House. Fortunately, the tweet was fake — the result of a hack — but the news spread rapidly. The attack triggered a stock market crash — the S&P 500 declined 0.9 percent, enough to wipe out $130 billion in stock value in mere seconds — by fooling stock trading programs into placing automatic sell orders based on false information from an online media account.

While nobody knows what led to the attack, many market watchers blamed high-frequency traders, specifically the variety that use algorithms to comb through the internet at rapid speeds, “reading” news items and tweets and making trades based off of that information. Consequently,  it’s possible that many firms had the words “White House,” “explosion” or “Barack Obama” in their databases as keywords that could trigger selling given the right circumstances.


The one thing that matters above all for most media organizations is their reputation. News must reach its intended audience — unchanged, accurate and with integrity. For media organizations, attacks that cause reputational harm are a significant threat.

In particular, news companies are increasingly popular targets for hacktivists and attack groups loyal to a particular nation or cause. While some of these attacks target specific reporters in an effort to uncover their sources, others disrupt websites or present substitute content in order to damage an organization’s reputation, spread propaganda or manipulate public opinion.

Unfortunately, cyberattackers that carry out these types of attacks appear to be less interested in stealing data and more alert to stopping the organization from operating effectively or humiliating it in the eyes of the world.


As a result, media companies need to address what they’re going to do to lessen the cyber threat while continuing to advance their business. Unfortunately, the changing nature of the media landscape means that traditional cybersecurity measures are no longer viable, and the idea of a perimeter defense — a castle and and moat — is an old fashioned approach to cybersecurity, according to the latest thinking.

Today, companies must instead plan to be breached and develop and deploy policies and procedures for discovery, mitigation, remediation and reporting accordingly, especially considering the massive reputational risk for media organizations. Unfortunately, many companies in the media sector are challenged by patch management — a fundamental component of any organization’s security posture.

Patch management, or the process of identifying, acquiring, installing and verifying security updates for applications and systems isn't consistently applied by many organizations in the media sector. The process is often overlooked, neglected or left incomplete because of how difficult manually patching modern, cloud-native and mixed-OS environments can be.

These days, the need for a rapid and effective vulnerability patching solution has never been more striking. Fortunately, the future of patch management is here: Automox’s easy-to-install, cloud-native, automated patching solution. When hackers compromise our news sources, websites and social media — tools we use every day — the impact is dangerously clear.

About Automox

Facing growing threats and a rapidly expanding attack surface, understaffed and alert-fatigued organizations need more efficient ways to eliminate their exposure to vulnerabilities. Automox is a modern cyber hygiene platform that closes aperture of attack by more than 80% with just half the effort of traditional solutions.

Cloud-native and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure.

Experience modern, cloud-native patch management today with a 15-day free trial of Automox and start recapturing more than half the time you're currently spending on managing your attack surface. Automox dramatically reduces corporate risk while raising operational efficiency to deliver best-in-class security outcomes, faster and with fewer resources.