HBO Attack Sends A Dark Message To The Enterprise

by Sohini Bagchi    Aug 03, 2017


Earlier this week, reports of a massive cyber attack on HBO's systems revealed that a number of unreleased episodes from popular HBO shows like Ballers and Game of Thrones had reportedly surfaced online. The attack may have been bigger than previously thought.

Hackers were said to have breached the company’s confidential computer systems and left the message that read, “Hi to all mankind. The greatest leak of cyber space era is happening. What’s its name? Oh I forget to tell. Its HBO and Game of Thrones……!!!!!! You are lucky to be the first pioneers to witness and download the leak. Enjoy it & spread the words. Whoever spreads well, we will have an interview with him . . . HBO is falling.”

The leak of the unreleased episodes of Game of Thrones left many shocked and gave security vendors and organizations another good reason to protect their turf and save themselves from the hands of cyber goons. In HBO's case, the hackers involved in the attack reportedly managed to abscond with 1.5 terabytes of data.

In a brief statement, HBO confirmed the breach saying, “HBO recently experienced a cyber incident, which resulted in the compromise of proprietary information. We immediately began investigating the incident and are working with law enforcement and outside cybersecurity firms. Data protection is a top priority at HBO, and we take seriously our responsibility to protect the data we hold.”

However, a new report claimed that the personal information of a top executive, including his online banking and personal health services, was exposed, and that the hack was about ‘targeting specific content and data housed in different locations’, which would suggest there were ‘multiple points of entry’. Following that report, HBO chairman and CEO Richard Plepler sent an email to employees in which he said, “Any intrusion of this nature is obviously disruptive, unsettling, and disturbing for all of us. I can assure you that senior leadership and our extraordinary technology team, along with outside experts, are working round the clock to protect our collective interests.”

Despite the claim, it is feared that it wasn’t just a few TV episodes and a script that were leaked, but also video footage, internal documents, and e-mails. A report published by Variety even noted that the recent hack was seven times bigger than the 2014 intrusion at Sony’s Hollywood studio, Sony Pictures Entertainment. However, unlike the previous hacks this year, on Netflix and most others, the cyber-criminals behind the HBO attack have not demanded a ransom.

According to reports, HBO is now focused on blocking the leaked content from reaching viewers. HBO has also sent a Digital Millennium Copyright Act take-down notice to Google, which is removing links to stolen material. HBO is reportedly working with the FBI and cyber-security firm Mandiant to investigate the breach. This is the same cyber-security firm that led the Sony hack investigation in 2014.

According to Mike Thompson, Principal Architect at A10 Networks, data breaches can occur either physically or digitally “over-the-wire.” Physical data leakage can occur when someone transfers data from a user’s device to a USB drive and then walks it out the door, or even transfers it via a rogue wireless network. However, that vector is usually reserved for employees with a motive. An over-the-wire data breach can occur with various degrees of complexity, duration and effort.

“The longer the intrusion, the higher chance of being discovered or inadvertently losing access because of nightly patching or power state of the compromised system. However, if the intruder sends large amounts of data too quickly, it might raise some eyebrows. Analytics and visibility are extremely critical to help detect exfiltration events,” he said.

In May, the WannaCry ransomware created havoc worldwide, with more than 3 lakh infected computers in over 150 countries. Though the impact and monetary loss due to these attacks are debatable, they have taught the world its biggest lesson: no one is immune to sophisticated cyber-attacks, and traditional security practices will soon be outdated in the sophisticated cyber world.

For example, in the case of the HBO data leak or similar attacks, where data is exiting the network via fast exfiltration, CIOs can use security solutions that create rules to lock down traffic in extreme circumstances, or even proactively set up policies that limit traffic. Additionally, Data Loss Prevention (DLP) systems that use the Internet Content Adaptation Protocol (ICAP) to connect to the network can help prevent unauthorized data exfiltration, said Thompson.
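
The trade-off Thompson describes above (a fast transfer stands out, a slow one has to persist) and the traffic-limiting policies mentioned here both come down to comparing each host's outbound volume with its own baseline, per hour and per window. The Python sketch below is an added example, not code from the article or from A10 Networks; the flow-record format, host names, thresholds and sample data are constructed assumptions.

```python
from collections import defaultdict
from statistics import median

MB = 1024 * 1024

def detect_exfiltration(baseline, window, burst_factor=10, sustained_factor=3):
    """Flag hosts whose egress departs from their own baseline.

    baseline, window: iterables of (hour, host, bytes_out) flow summaries.
    'burst'       one hour far above the host's median hourly egress (fast).
    'sustained'   window total far above what the median predicts, even if
                  no single hour stands out (low and slow).
    'no-baseline' host was never profiled, so it cannot be judged.
    """
    history = defaultdict(list)
    for _, host, nbytes in baseline:
        history[host].append(nbytes)
    typical = {host: median(v) for host, v in history.items()}

    hourly = defaultdict(lambda: defaultdict(int))
    for hour, host, nbytes in window:
        hourly[host][hour] += nbytes

    findings = {}
    for host, hours in hourly.items():
        base = typical.get(host)
        if not base:
            findings[host] = ["no-baseline"]
            continue
        reasons = []
        if max(hours.values()) > burst_factor * base:
            reasons.append("burst")
        if sum(hours.values()) > sustained_factor * base * len(hours):
            reasons.append("sustained")
        if reasons:
            findings[host] = reasons
    return findings

# Constructed sample data: 24 hourly summaries per host, about 20 MB/hour.
HOSTS = ("ws-01", "ws-02", "db-01")
BASELINE = [(h, host, (18 + 2 * (h % 3)) * MB) for h in range(24) for host in HOSTS]
WINDOW = (
    [(h, "ws-01", 20 * MB) for h in range(24)]                            # normal
    + [(h, "ws-02", (900 if h == 3 else 20) * MB) for h in range(24)]     # one fast dump
    + [(h, "db-01", 80 * MB) for h in range(24)]                          # steady trickle
    + [(5, "kiosk-9", 1 * MB)]                                            # never profiled
)

if __name__ == "__main__":
    for host, reasons in sorted(detect_exfiltration(BASELINE, WINDOW).items()):
        print(host, reasons)
```

A host flagged here is a candidate for the rate-limit or lock-down rule the article mentions; the thresholds need tuning against real traffic before they drive any automatic action.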