Hollywood’s blockbuster problem with hackers
HBO isn’t the first Hollywood studio to get hit by hackers, and they won’t be the last, cybersecurity researchers said.
by Alfred Ng 1:25 Close Drag Autoplay: ON Autoplay: OFF
Hackers are starting to target Hollywood, thanks to the potential for a massive payday.
“Game of Thrones” and HBO are facing a dragon they can’t slay: hackers.
Hollywood has become the next major target for cybercriminals, with hackers going after its weak security and massive paydays. HBO is only the latest victim, as thieves leaked emails and scripts from “Game of Thrones” and other HBO shows onto the web, promising to release more unless the network pays a hefty fee.
A source close to the investigation said the hackers wanted $6 million to stop leaking “Game of Thrones” spoilers, episodes of “Ballers,” and various internal documents.
The attack marks an escalation of online threats for Hollywood studios, which previously were on the lookout for piracy, and for fans who’d post movies or shows online for others to watch for free. HBO is well aware of those issues. It had to deal with more than 10 million Americans who were planning on watching “Game of Thrones” illegally. But now the network and the rest of Hollywood are at greater risk, with cybercriminals targeting not just their shows but their internal documents too.
These aren’t fanboys looking for the latest scoop on Jon Snow or Daenerys; they’re in it for the money. Netflix found that out when hackers reportedly released a new season of “Orange is the New Black” after the streaming giant refused to pony up a ransom.
Why is it happening? A lot of companies don’t think they’ll be targets, and they skip common security practices.
“Most people prefer the ease of use over security, until it bites them,” said Ross Rustici, the head of intelligence research at security company Cybereason.
Quality vs. quantity
Cybercriminals are always looking for wealthy targets, and they’ve found a blockbuster hit with Hollywood. In 2015 and 2016, the main victims were hospitals and small businesses, who couldn’t afford to have robust security. Hackers would steal data from a vast amount of computers, in the hope that smaller payouts from hundreds of thousands of victims would bring them a massive fortune. With movie studios, the job gets much easier.
“You’re going to have to hit hundreds of thousands of people to make the same amount you would with one organization,” said Rick Holland, vice president of strategy and a cybercrime researcher at cybersecurity company Digital Shadows.
The thieves are aiming for quality now, not quantity, and with Hollywood studios, especially those with massive fan bases, there’s a lot of potential for payments.
Movie studios are taking note. Holland said several media companies hit by hackers in the last two years secretly paid a ransom to keep the hacks under wraps. It’s become so prevalent that he’s seen media companies set up bitcoin wallets in case they’re the next victim.
As more movie studios opt to pay up, they increasingly become a target. That’s why the FBI and most cybersecurity organizations recommend that you don’t pay criminals, because it will only encourage future attacks.
Studios are inclined to pay hackers if it means saving them at the box office and saving their ratings. It’s worse for movies than for TV shows. With a film, studios can pour millions of dollars into a single project only