Why cybersecurity is so important for musicians

When we think about cybersecurity, the music industry is perhaps not the first sector that springs to mind when thinking about the targets for cybercriminals. Most people will think about global organisations with big bank balances, however, musicians have a lot to lose if their music files are stolen and they are increasingly becoming the target of cybercriminals who then leverage those music files as a way to extort money from musicians or crowdfund the leaked release of that music.

History of leaks in the music industry

Leaks in the music industry are nothing new. As far back as 1993, Depeche Mode’s Songs of Faith and Devotion album was leaked before the band released the album in stores. The introduction of MP3s in 1995, however, was the catalyst for an increase in the number of leaked songs and albums and then, at the turn of the millennium, the launch of peer-to-peer file-sharing networks like Napster and Limewire opened the floodgates on leaked file sharing.

According to an article by The Fader, one of the most prolific leakers at the time was a character called Dell Glover. Glover was an employee at a CD manufacturing plant in North Carolina responsible for pressing Universal Music Group’s catalogue. He worked with a group calling themselves Rabid Neurosis, or RNS for short, to leak thousands of albums by smuggling CDs out of the plant. 

Glover was responsible for leaking some of the biggest albums of the decade including Eminem’s The Eminem Show, Jay Z’s The Blueprint, Mariah Carey’s The Emancipation of Mimi, 50 Cent’s Get Rich or Die Tryin’, and Kanye West’s College Dropout.

Fast-forward to today, and music leaks are no longer carried out by people stealing physical CDs and uploading them to file-sharing sites. Like many industries, the music industry is one that has been changed by the internet so instead of physical file theft, hackers are finding ways to breach network security measures to steal online files that have been saved to the cloud or even on physical devices. This new wave of cybercrime in the music industry is proving more difficult to combat and whilst full album leaks are rare today, there is still a huge demand in online forums such as Reddit or sites like leakth.is that cybersecurity is becoming an increasingly important part of a musician’s setup.

Cybersecurity risks for musicians

Musicians are open to the same sort of cybersecurity risks as any other individual or business and whilst their music is often the target of cyberattacks, hackers also know that musicians have the resources that make other types of attacks such as ransomware or phishing just as likely.

In an article published earlier this year, we highlighted the importance of awareness for musicians about the potential threats they face.

“Hackers and other malicious actors may specifically target you because of the increased public attention. Therefore, it is vital to know the common social engineering tactics cybercriminals use,”

The article goes on to list some of the most common forms of social engineering that musicians need to be aware of and the measures that they need to put in place to protect themselves from such attacks. He lists four of the most common threats as being:

1. Phishing
2. Malware
3. Distributed Denial of Service (DDoS)
4. Man-in-the-middle (MITM) attack

Technology is at the heart of many of today’s cybersecurity threats and the music industry is one that has embraced the many benefits provided by new technology, making the industry a potential target for attacks.

Cloud computing has undoubtedly led to one of the biggest shifts in cybercrime. According to an Oracle and KPMG Cloud Threat Report 2019,  cloud vulnerability is and will continue to be one of the biggest cybersecurity challenges faced by organisations as we head into 2022 and beyond.

With more and more businesses moving their workload to the cloud, including the music industry, they become tempting targets for malicious hackers and without adequate cybersecurity measures in place, the music industry, and individual musicians leave themselves vulnerable to attack. A great solution can be found here.

An article by leading cybersecurity specialists NEC highlights the importance of preventing the leak of data stored in the cloud, “One of the main reasons why cloud security solutions are so effective is to do with scale and scope. Cloud computing networks are huge and house a large number and wide range of online assets.”

Many artists are moving to cloud solutions to store their music files and this is where adequate cybersecurity measures are required in order to protect those files. One artist taking no chances when it comes to the storage of their music files is Wiz Khalifa. Andrew Lang, Cybersecurity Major at Penn State Altoona, reported that Khalifa, “does not keep his files of music on a cloud storage or on a laptop. He stores them on an external hard drive that is shared between him and another person who keeps it safe while he is away from the studio; this is because he doesn’t want his music to be stolen.”

Learning from other industries

The music industry is slowly starting to catch up to other leading industries when it comes to cybersecurity, however, there is still much they can learn. One sector that has invested heavily in cybersecurity is the online gaming sector. The threat of cybercrime in this industry is an obvious one with customers accessing these sites and using their banking information in order to place bets and play games online.

Businesses within the sector need to provide guarantees about the secure ways in which customers’ data will be stored in order to drive loyalty and protect their brand. One leading online gaming site, Betway, invests heavily in cybersecurity measures in order to combat cybercrime and provide a safe environment for customers. Some of these measures include the use of big data and AI to help cybersecurity specialists process large amounts of data and ensure the safety of their platforms. Anyone registering on the site is also required to complete ID checks which not only ensure the promotion of safer gambling but also help to ensure that customers on the site are genuine and not hackers trying to access the network.

Cybersecurity is an important consideration for musicians looking to not only protect their music but also their personal brand. In time, it is likely that we will see fewer leaks of unreleased music, however, whilst there is still a demand in online forums for leaked music, there will always be hackers who will try and steal an artist’s music files.

Image Credit: Markus Spiske on Unsplash