Washington - Online piracy of music, films and other content has moved to the internet cloud, reaping big profits for digital thieves, according to a study released on Thursday.
The study identified 30 cloud-based "cyber lockers" which operate globally and are hosted in various locations around the world, and which take in some $96m in annual revenue.
These operators use the same kind of technology and often look like legitimate services like Dropbox and Amazon Cloud Drive to deliver illegally copied content, according to the study by the Digital Citizens Alliance and British-based NetNames, two groups focused on online safety and fraud protection.
The cyber locker or cloud model has largely overtaken the older online piracy of peer-to-peer networks that allow individuals to share content on their own computers, but the result is the same.
"We've never had a business dependent on criminal activity grow and thrive in plain sight like the content theft industry," said Digital Citizens Alliance executive director Tom Galvin.
"It's astounding to think of 30 sites making $100m on products they've stolen from content creators... cyber lockers wouldn't thrive, perhaps not even survive, without legitimate businesses facilitating the rogue operators' activities."
Difficult to trace
The report released in Washington was described as "the first major assessment of how cyber lockers profit and how much money they make".
The cyber lockers operate in a manner similar to legitimate services like Pandora or iTunes. Some offer free streaming content with advertising, and others allow direct downloads on a subscription model - such as $10 a month.
One of the best-known cyber lockers, Megaupload, was shut down by US law enforcement in 2012. But the New Zealand-based operator has launched a new service, known as Mega.
For some of the cyber lockers, tracing their home base is complicated because their locations are obscured by use of proxy servers. But the study said it identified cyber locker operations based in the US, Switzerland, the Netherlands and other countries.
The study said the most profitable cyber lockers using the direct download model were 4Shared, Mega and Uploaded. The biggest profits for the streaming operators were at Putlocker, YouWatch and Streamcloud.
The researchers found roughly 80% of the content on the sites had infringed copyrights.
The report said almost all the websites operating the cyber lockers accepted payments from Visa and Mastercard, and that these payment processors could deal a major setback to piracy if they would block the transactions. PayPal, according to the study, was accepted only on one of the sites.
"MasterCard and Visa should follow PayPal's lead and adopt policies for their networks against doing business with these rogue operators," the report said.
Malware
David Price of NetNames said that without the subscription payments, revenues and profit - particularly for the direct download cyber lockers - would drop off dramatically.
"Remove the payment processors from the equation and it becomes far more difficult for cyber lockers to profit from the work of others," he said in a statement.
Because some of the sites appear legitimate, they draw advertising "from brands we know" that give the operators revenue and boost their credibility, the report said.
And many of the cyber lockers also contain malware that can infect computers of people who download from them, the report added.
"It's going to take concerted action by the Internet and the payment processors, advertising industries, consumers, public interest groups, internet safety organisations and responsible government officials to address this corrosive issue that threatens our basic trust in our online world," the report said.