The Hackers Are Coming…

The Hackers Are Coming…

posted in Ransomware ● 15 Aug 2017

The latest data breach sweeping headlines is a reminder that being an enterprise organisation with a global presence doesn’t guarantee your cyber-security. For HBO, quite the opposite appears to be true with its flagship series, Game of Thrones, being specifically targeted by savvy hackers looking for a ransom.

The hack, which was first reported at the end of July, has not been claimed but has seen hackers make contact with HBO in an attempt to secure a ransom equivalent to ‘six months’ salary’, reportedly a figure between $6 million and $8 million. It has not been publicised how hackers managed to secure 1.5 Terabytes of data from HBO’s network but with digital autopsies currently taking place, it is likely HBO will know soon enough. Despite this, HBO Chairman and CEO Richard Plepler, has released statements expressing confidence that hackers have no access to email systems, despite hackers later releasing hundreds of emails between various staff, including internal writers for the show. 

It is unknown what data hackers now hold and what they will leak, having promised to continue leaking content. The most ‘valuable’ piece of data that has been released thus far is mock-scripts for episodes that have since aired, they have not as of yet leaked any video footage from the show. For HBO and Game of Thrones, there has been no secret about the attempts to keep plot lines and show secrets exactly that, secret. Having been one of the most-streamed shows (illegally) of all time, HBO have fought an uphill battle to try and keep content offline, this however is the first time the company has been the victim of a cyber-attack.

Pay up or pay

Developments in this latest hacking threat have seen leaked emails allegedly showing an HBO official offering the hacker a ‘bounty’ payment of $250,000 for bringing security flaws to their attention. This payment is a long way short of the “six months’ salary”, equal to around $6 million, however it remains to be seen if it will be enough to stave off hackers determined to leak content and vital spoilers to eagerly waiting fans.

At this point in time, HBO are faced with a decision, pay up or pay the consequences. They are currently working with external parties and law enforcement to ascertain the scale of the attack, but there is no real way of knowing what data hackers have or could release. This is not the first targeted attack on such a company, with Netflix and Sony famously falling victim to attacks of their own.

  • In April 2017, Netflix were victim of a cyber-attack which saw hackers leak the upcoming series of Orange is the New Black.
  • The Sony hack of 2014 saw an alleged 100 Terabytes of data stolen, the fall out due to confidential emails being leaked following the hack had a severe effect on the company’s reputation.

With schools, hospitals and charities all also being hit by cyber-attacks, predominantly ransomware and other malware attacks, hackers have been able to exploit weak systems for bumper paydays, some reportedly up to $1 million.

A step up in security

With such a high-profile breach of security having taken place, Game of Thrones faced no choice but to step up security protocols, even before this hack. It is reported that on-set staff, writers and actors were all told to enable two-factor authentication on email accounts and the number of staff with access to scripts was cut. Further to this, actors were only given digital copies of scripts, were not allowed to print them and had to sign in/out any notes they made during rehearsals.

The increasing focus on cyber-security across the globe comes at a time where the legislation around data protection is also making headlines. With the General Data Protection Regulation (GDPR) set to take effect in May, the processes organisations take to protect their data will be under scrutiny. The GDPR will affect any organisation that holds data on any European citizen and will require organisations to ensure ‘technical and organisational measures’ have been taken to protect data and prevent data breaches.

It is reported that hackers gained access to personal addresses and contact details for some of Game of Thrones top stars. Under the GDPR, HBO could have been liable for a €10 million fine had they not reported the breach within 72 hours. This could have been paired with a further fine of up to €20 million for the breach itself.

The cyber criminals exploiting coronavirus panic

Reading, 20 March 2020 – Cyber hackers are preying on the public’s fear of Covid-19 to spread their own harmful viruses. According to multiple cybersecurity experts, the spike in phishing techniques, fraudulently claiming to come from an official source is the worst in years.

Continue reading

How to keep business healthy during outbreak

Reading 12 March 2020 – Up to a fifth of the UK’s workforce are likely to be off sick at the peak of the coronavirus pandemic, according to the Government’s best estimations.

Continue reading

Is your medical practice a top ransomware target?

Reading, 17 January 2020 – Since the early 2000s, medical professionals have increasingly been choosing electronic patient records over paper. Although digital records are certainly easier to access and harder to lose or destroy, they are by no means immune to disaster – and organisations have more to worry about than just fires and floods.

Continue reading