Spoiler Alert: Hackers Break Into Entertainment

The cyber attack on HBO is a reminder that hackers are gaining ground in Hollywood. Here's how networks and studios can stop them.

HBO hack

On July 31, HBO confirmed that they were hacked. Meanwhile, the culprit—boasting she or she stole of 1.5 terabyes of data—did send a gleeful note to a number of media outlets. It read:

Hi to all mankind. The greatest leak of cyber space era is happening. What’s its name? Oh I forget to tell. Its HBO and Game of Thrones……!!!!!! You are lucky to be the first pioneers to witness and download the leak. Enjoy it & spread the words. Whoever spreads well, we will have an interview with him. HBO is falling.

In subsequent weeks, the hacker has leaked Game of Thrones script outlines, executive emails, actor email addresses, and marketing materials. According to the LA Times, “Allegedly included in the dump is a letter to HBO Chief Executive Richard Plepler from a person taking credit for the hack, going by the name ‘Mr. Smith.’”

Hacker's letter to HBO (image courtesy of TorrentFreak)

The thief offered to protect the stolen data for a ransom, said to be set at $7.5 million in bitcoin. HBO has not commented on whether or not they’ll pay up. It’s a tricky situation made even more sensitive, because the network’s parent company, Time Warner, has been awaiting regulatory approval to be sold to AT&T for $85.4 billion.

This breach appears to be significantly larger than Sony Picture’s 2014 data breach, in which the “Guardians of Peace” stole 200 gigabytes of data. That attack was thought to be retaliation by North Korea for the caricature of Kim Jong-Un in Sony’s then-unreleased comedy, The Interview.

The sensitive emails that were exposed took center stage: embarrassing studio execs and the talent who worked with them, resulting in co-chairperson Amy Pascal’s high-profile resignation. The Guardians of Peace also leaked a number of its upcoming movies, such as an Annie remake and the WWII film Fury, starring Brad Pitt. In three weeks, Fury was illegally downloaded a record-setting 1.2-plus million times.

The latter is significant. Both this summer’s HBO incident and April’s Netflix breach are similar in how thieves have attempted to leverage creative properties for the purposes of extortion. In Netflix’s case, “thedarkoverlord” held new episodes of Orange Is the New Black for a ransom. When the company didn’t pony up, the hacker leaked season 5 of the series. The thedarkoverlord also claimed to have unreleased material from other networks such as ABC, Fox, and IFC.

Media has become a hacker commodity. And breaches will escalate, because hacking these companies is relatively easy due to the abundance of attack vectors. Between internal employees and several contractors across the globe hired to work on production, marketing, and distribution, there are countless users accessing servers, downloading and uploading files, moving information.

HBO hacker's homepage (image courtesy of HD Report)

HBO doesn’t yet know the source of its breach (“The forensic review is ongoing,” the network said in a statement). But Netflix has traced its hack to Larson studios, a digital-mixing company that it and several other studios use. In the case of Sony, hackers have claimed they physically broke into the Sony building, stole a system administrator’s password, then planted malware in the network.

The cyber hit on HBO is particularly disturbing, because it captured that sweet spot of (perceived) financial gain and bragging rights over superhero, science fiction, and fantasy properties that breed Internet obsession. It’s only a matter of time before another hacker one-ups Mr. Smith’s conquest by targeting a hotly anticipated ten-pole movie, amounting to hundreds of millions in lost box office. In the cutthroat market of streaming services such as Netflix, Amazon, and Hulu, preserving and bolstering viewership numbers is essential to elbowing out the competition. Marketing materials and master plans also lend priceless insight in how companies plan to outperform rivals.

Entertainment companies must take more interest in the best practices and security set-ups of the third parties they hire. But they should not lean on them to protect larger systems. Without machine-learning driven analytics deployed at the mothership, networks and studios will lack visibility into the behaviors of all these users, files, and endpoints. This is where threshold-type platforms fail: They waste time creating alert fatigue among a hard-to-find security staff specialized enough to sift through the false positives.

Speed and accuracy are critical in improving security posture. And in this era of dark-web dominance cybersecurity must become core to competitive strategy.