grandeduc - Fotolia

HBO hacking gets personal

Theft of data from US television network has become personal with the release of details of actors in Game of Thrones and could signal a trend of cyber attacks on entertainment firms

Cyber criminals responsible for hacking into IT systems at US TV network HBO have issued a ransom demand backed up by personal details of actors working for the organisation, including phone numbers and addresses.

This is despite claims by HBO that its email system as a whole has not been compromised, but it has acknowledged the theft of “proprietary information”, according to the New York Times.

The ransom demand comes just over a week after HBO was breached and the unknown group of hackers claimed to have stolen 1.5TB of corporate data.

The attackers have also released corporate emails and draft Game of Thrones scripts, threatening to release more data including un-aired TV shows if HBO fails to pay the ransom within three days.

In a video message to HBO chief executive Richard Plepler, the hackers demanded a ransom of “our six-month salary in bitcoin”, which they implied be at least $6m, reports Associated Press.

The hacking group claims to earn $12m to $15m from holding data ransom, but also said they spend $500,000 a year purchasing zero-day exploits to break into networks, according to The Guardian.

In March this year, a report by Watchguard revealed that 30% of malware attacks are zero-day exploits that cannot be identified by legacy antivirus systems because they have not been seen in the wild before.

EternalBlue, a Microsoft zero-day exploit collected by the US National Security Agency (NSA) and leaked by the Shadow Brokers hacking group, was a key component in the WannaCry ransomware that affected more than 200,000 computers in 150 countries in May 2017.

The HBO hackers claimed it took six months to access the TV network’s IT systems and that HBO is the 17th organisation they have compromised and held to ransom.

Read more about cyber extortion

Security commentators say that with firms such as HBO and Netflix increasingly streaming content online, cyber attacks on entertainment companies have become a firm trend.

Stephen Gates, chief research intelligence analyst for security firm Zenedge, said the HBO breach is a perfect example of hackers knowing what is of most value to their victims, and using it to their advantage. “Any way you look at it, a ransom like this only works when someone wants their property back,” he said.

According to Gates, the hackers must have been inside the network for a considerable period of time. “Whether the doorway was left opened by an insider or someone was simply phished, regardless of the catalyst, it appears no one knew that hackers had gained access and remained resident inside the network,” he said. 

“This was not the work of amateurs and could prove to be very costly for HBO – if not financially, then potentially by damaging its reputation, depending on what else the hackers had access to.”

The HBO breach has been likened to the 2014 cyber attack on Sony, in which hackers believed by US officials to be linked to North Korea broke into the corporate network and stole data, including unreleased films, emails and the personal details of nearly 50,000 past and present employees, including some celebrities.

Although the impact of the HBO breach has not been as great, the amount of data the hackers claim to have stolen is about 7.5 times the amount released by the Sony hackers. At the time, the Sony hackers claimed to have stolen 100TB of data, but that claim was never substantiated.  

In 2016, hackers calling themselves Dark Overlord stole unreleased shows from Netflix, ABC and others, threatening to release the stolen content if their ransom demands were not met.

Despite the targeted production house reportedly paying $50,000 in ransom, some of the stolen content was leaked, including an unreleased season of Orange is the new black from Netflix.

An HBO spokesperson declined to comment on the ransom demands, according to a report in Variety. ..................................................................................................................................................

Read more on Hackers and cybercrime prevention