The entertainment industry remains as vulnerable as ever to cyber attacks, as HBO just had an extraordinary 1.5 terabytes of data stolen on Sunday.
The hackers are claiming to have acquired and leaked most of the data online. Included in the data were scripts and video for many of HBO’s signature shows such as Game of Thrones, Ballers, Insecure, and Room 104. The hackers claim there is also much more to be released on the web. In a letter sent Sunday July 30th to major American media outlets the hackers stated”
“Hi to all mankind,” the hackers said in emails to media outlets, including the Los Angeles Times. “The greatest leak of cyber space era is happening. What’s its name? Oh I forget to tell. Its HBO and Game of Thrones!!!!!! You are lucky to be the first pioneers to witness and download the leak.”
HBO, a Time Warner Inc. company, then quickly responded the next day confirming that the data breach happened and they were working with law enforcement and cyber security experts to understand what happened. HBO’s commentary was brief and as of this moment it is still not clear how the hackers got access to the data, what method was used, or what was stolen. CEO Richard Plepler on Monday alerted all HBO employees by email about the data breach and what to expect. In his statement he said:
“As most of you have probably heard by now, there has been a cyber incident directed at the company which has resulted in some stolen proprietary information, including some of our programming.” he continued “Any intrusion of this nature is obviously disruptive, unsettling, and disturbing for all of us. I can assure you that senior leadership and our extraordinary technology team, along with outside experts, are working round the clock to protect our collective interests.”
Mr. Plepler then ended the email on a positive note “The efforts across multiple departments have been nothing short of herculean. It is a textbook example of quintessential HBO teamwork. The problem before us is, unfortunately, all too familiar in the world we now find ourselves a part of. As has been the case with any challenge we have ever faced, I have absolutely no doubt that we will navigate our way through this successfully.”
The response from HBO may seem confident because this is not their first time dealing with a data breach. In 2015 episodes from season five of Game of Thrones were leaked, which disrupted revenue generation via premiere access for HBO.
Implications for Entertainment Industry
With the continued rise of more devastating malware the entertainment industry is not any less vulnerable than others. Even with the most robust cyber security systems available today, human error and guided negligence can bypass anything a company may have put up. The entertainment industry so far has only had to face leaks of information, which had serious effect of profitability. However, ransomware is an increasing threat that could bring operations to a halt. In a scenario like HBO’s if nasty malware such as NotPetya were used it could have deleted massive stores of data and may have delayed production indefinitely if no backups were available. Given how fast the success of these breaches travel, this cyber attack may inspire other malicious actors from the darknet to launch even more attacks. The entertainment industry needs to be prepared for such efforts from cyber criminals.
Tips for Staying Secure
Whether a small studio or large production, cyber security is critical to ensuring that intellectual property is protected and utilized properly. You can protect yourself by exploring some of the following security practices.
Insider Threat Monitoring
One of the primary causes of data breaches is insider negligence and malicious insiders. It is for this reason that having a security solution in place that is capable of tracking insider behavior will ensure you are immediately notified of any suspicious behavior within your networks. Often this is referred to as user behavior analytics. The analysis of log data is often referred to as log monitoring or security information and event management (SIEM). This type of software often identifies behavioral patterns, defines a user “normal” or baseline, and monitors for deviations from the baseline. Combined with machine learning, companies can essentially have an system monitor with in their networks.
Incident Response Plan
It is one thing to attempt to prevent an attack however many cyber security experts will tell you an attack is inevitable. Much of security revolves around mitigating the risk of an attack, so it is good practice to have an incident response plan in place. With an incident response plan a company will have an automated process to respond to cyber attacks in order to mitigate the damage it will do to the company. These are incredibly important for reducing how much the cyber attack impacts operations. Incident response plans can be the difference between minor damage and a full shutdown of operations.
Hopefully, HBO can recover from this cyber attack and prevent future ones. The hackers have stated an intention to leak more data over the next coming days. Some cyber security experts are hoping the hackers are exaggerating on what they have actually acquired. We will see with time. In either case are you prepared for a cyber attack? If not you can explore cyber security solutions such as Teramind.