The title picture is from the screenshot of the “Witty Party Girl” video from Station B
On April 27th, the popular host of the B station, “the witty party girl,” released a video saying that he was attacked by hackers and extorted, which once again aroused people’s concerns about network security and privacy protection.
The process is roughly like this. Because the video editing and rendering material files of the party girl team are too large, the company spent more than RMB 100,000 to build a NAS system inside the company, which is equivalent to a public hard drive within the team. But on the first day after the NAS was built and tested for a period of time, it was encountered by ransomware.
Dang Mei said that at present hundreds of GB of video files are all encrypted by viruses, and customers said in a TXT format blackmail letter that they need to contact the hackers and pay the “ransom” to get the material back.
According to cyber security experts, there is currently no way to fix the ransomware called Buran.
If you want to get the material back, self-rescue is almost impossible. The network security company said that there is no way, and the police cannot file the case because there is no definite financial loss. That is left to negotiate with the hacker and pay the ransom. ?
This may not work. Not to mention that hackers do n’t talk about credibility, will there be more layers in the negotiations, just because of the social effects of this matter, if hackers see these reports, they may not dare to continue trading.
Therefore, the hope of recovering these data is very slim, and the party girl also said that she should learn lessons and make a safe backup. Some small UP masters told the media that they never considered the hidden dangers of network security and material theft, because there were fewer fans and they would not be targeted.
But “will not be stared at” is actually an illusion, because hackers conduct random indiscriminate attacks across the entire network. Now there are no tricks but only that vulnerabilities have not been discovered by hackers.
The cups of the party girl team actually sounded the alarm for the rapidly growing video self-media industry. With the development of the video industry, video materials as data assets have become economically valuable means of production and should be given sufficient attention and protection by creators.
How to do the security protection of video materials, and what new safe storage methods are needed, these require the thinking of video media practitioners and related industries.
When the video begins to encounter network security issues from the media
You may also be curious, why this online black industry will find a conscientiously working video self-media industry?
First of all, it is the rise of video as an industry that has become valuable. The technical threshold for video shooting and editing has been repeatedly lowered. The prosperity of the UGC video platform represented by Station B, Douyin, and Kuaishou has driven the rise of a large number of grassroots video bloggers. At the same time, the scale of attention brought by the traffic of the video has produced huge economic benefits. Video production has changed from a “play ticket” nature to an industry with commercial value. In a word, the material resources of the video from the media have become valuable data assets.
< / span>
Second, the storage, sharing, and rapid use of these massive video materials have become new problems. As the party girl said, the production of the first video has changed from the original hundreds of MB to the current dozens of GB, and its own computer hard disk and external hard disk can no longer store and share these materials well. Therefore, NAS public network disk has become the first choice of many video studios, UP masters, and photography and video enthusiasts, which is equivalent to building a small private cloud.
Then, the question is coming, these NAS builders are either not equipped with corresponding network security IT technicians for regular maintenance, or do not have sufficient security protection awareness, do not turn off some permissions or set a weak password for convenience , Causing the server system to be exposed to security threats.
So, as we pointed out, the ransomware attacks like Buran are indistinguishable. It scans the IP port on the public network, and the virus breaks through the vulnerable port protection, so as to enter the system, and then cracks the password through brute force, and finally infects and encrypts the system’s data files.
When the videoThe high storage demand and low security protection awareness of the production encountered malicious hackers searching for prey on the public network, and the tragedy appeared.
How to protect data security under NAS public network disk?
Why does NAS public network disk become the first choice of current video self-media team and UP owners?
First of all, under the popular science NAS, its full name is Network Attactched Storage, which is a network-attached cloud storage server. It is a device that can connect to the network and has data storage functions. It can support multiple protocols and operating systems. To put it simply, NAS is a kind of multiple hard drives equipped with large capacity to form a RAID (Redundant Independent Disk Array) , which can be centrally managed and processed Private network disk for data.
The advantages of NAS large-capacity storage, 7X24-hour stability, high-speed operation in a large broadband network environment, and the convenience of multi-scenario multi-user multi-device access have become the main considerations for video producers. The NAS’s multi-authority function can set corresponding access and read-write permissions for different creators, improving the team’s cooperation and the efficiency of film production.
Of course, qualified NAS products should be equipped with mature RAID solutions, hard disk detection solutions, encrypted transmission, and multi-user management to ensure that data will not be leaked or lost due to malicious intrusion or accidents.
< / span>
According to the analysis, specific to the security breach encountered by the UP team, on the one hand, their NAS server uses the WindowsServer operating system specifically targeted by the ransomware, and some high-risk ports have not been closed; on the other hand, They may have set up public network access, exposing the public network IP; In addition, the account password configured for the software is too simple and has been brutally cracked.
If they have data backup in advance, when the files in the NAS server are attacked, they can still recover the loss. At present, without data backup, this virus infection has become a serious disaster for the team.
As the video moves from media to regularization and team operation, both individuals and teams must make up for the network security protection class from the following aspects.
1. On the whole, convenience and safety are contradictory. As one of the most important assets of a company, future data will become a work habit that all team members must adhere to when doing daily security operations and repairing system vulnerabilities in a timely manner;
2. The core method is that the data needs to be backed up regularly. It is recommended to use a separate file server to store the backup files in isolation;
3. Strengthen the security configuration and improve the security baseline, such as high-strength passwords, eliminate weak passwords, and increase the difficulty of ransomware intrusion; pay attention to close unnecessary file sharing and close high-risk ports such as 3389 and 445;
4. Upgrade the operating system in time, choose anti-virus software with strong technical capabilities, and prevent ransomware attacks in advance;
5. Strengthen network security awareness at ordinary times and remind team members not to click on emails from unknown sources or download software from unknown websites.
So, besides NAS, are there any other options for video self-media?
To ensure data security, what are the new options for video self-media?
At present, considering the factors of cost and convenience, mobile hard drives are definitely the first choice for many small and medium UP owners, and network cloud disks have become a tool for many people to back up data. However, if faced with the material scale and production requirements of the party girl team, NAS is already the best choice.
In the future, with the popularization of 5G networks and Wi-Fi 6, when the network speed is no longer the bottleneck restricting the pipeline of video uploading and downloading, choosing a public cloud storage service may become a better choice.
First of all, the security and reliability of the public cloud is naturally much higher than that of the local private cloud. By supporting server-side encryption, anti-theft chain, IP black and white lists, VPC network isolation, log auditing, and fine-grained permissions control to ensure data security and credibility; second, through disaster recovery backup, it can almost provide permanent backup protection for data, and truly achieve data never lost; Intelligent scheduling and transmission acceleration can provide a stable, low-latency, large-bandwidth and ultra-high-speed experience for remote data access, and solve the problems of multi-end collaborative sharing and rapid downloading of video resources.
At present, for many small and medium UP owners, the cost of using public cloud services for storage may still be high, but with the explosive growth of such storage requirements, some public cloud vendors may launch more economical, Cost-effective storage solution and pricing plan.
< / span>
Coincidentally, on the same day that the party girl team encountered a virus threat and blackmail, the State Cyberspace Administration and 12 departments jointly issued the “Network Security Review Measures”, which will be officially implemented from June 1 this year.
The network digital world is no longer an extra-legal place, and the processing and transmission of network information will more strictly follow the requirements of confidentiality, security and integrity. Network security has become a normal preventive measure for the entire society like fire prevention and theft prevention.
For the video self-media industry that is experiencing explosive growth, this security issue encountered by the party girl team has an event worth being marked. This will remind those UP owners who are bald for creativity and traffic, they must have more energy to protect their most important digital assets.