How did the HBO hack happen? A cybersecurity expert has 2 theories
This Monday, we learned hackers had got ahold of 1.5 terabytes of data from HBO, and have since leaked unaired episodes of Ballers, Room 104, and Game of Thrones. HBO says it has been looking into the hack since it was discovered, but few conclusive details are known. So, Digital Trends decided to ask a cybersecurity expert how the HBO hack could have happened.
Roderick Jones is the founder of cybersecurity and privacy firm Rubica, and has been involved in cybersecurity for more than 15 years. Before he was helping Ashton Kutcher keep his data secure, he was a member of Scotland Yard’s Special Branch focusing on international counterterrorism. The cyberattacks he dealt with during his time on Special Branch are classified, but Jones does say he was involved with protecting a prominent British cabinet member.
In terms of cybersecurity in the entertainment industry, Jones said “the entertainment industry is probably five or six years behind where it needs to be.” He claims a movie studio had no cybersecurity before he helped following the massive Sony Picture hack in 2014. The damage these hacks can cause are no joke, yet the entertainment industry’s security is laughable.
Jones says hackers are usually in a system for months and believes the HBO situation may have followed the same pattern. Here is how the biggest hack in HBO history probably happened.
Jones’s primary theory is the entire hack could have been possible because HBO is using old tech to house its content. “The Wannacry attack, the ransomware that kind of shut down the health service in Britain, that was targeted at an old Windows system,” Jones said. “That has created a vulnerability for HBO. I would say that’s probably a certainty, because that’s where the weaknesses are.”
“The entertainment industry is probably five or six years behind where it needs to be.”
Windows has been a gateway for hackers to enter the entertainment industry’s computer systems, as of late. The malware used in the infamous 2014 hack of Sony Pictures targeted and manipulated Windows management tools.
Netflix lost 10 episodes from Orange Is The New Black‘s fifth season this year because the episodes were on servers running Windows 7. Larson Studios, the post-production company that Orange Is The New Black episodes were hacked from, claims the hackers were not even looking for Orange Is The New Black, just computers running Windows.
After the first four episodes of Game of Thrones’ fifth season leaked before the season premiere in 2015, HBO announced it would have critics stream advance episodes online, instead of the company sending DVDs. Stopping opportunistic TV critics is one thing, but preventing sophisticated hackers from entering your system is more complicated for entertainment companies.
“People think you can just flick a switch and say ‘oh, I’ll have cybersecurity.’ It just doesn’t work like that, because the machines they have running all of this content are going to be legacy systems. You just can’t do it overnight,” said Jones.
This is when things could get personal.
If it wasn’t Windows, it was this
Jones’s secondary theory is the hackers probably targeted individual employees. Even if HBO keeps all of its files and internal documents behind heavily encrypted security, it probably does not extend that level of security for each individual employee.
“The damage these hacks can cause are no joke, and yet the entertainment industry’s security is laughable.”
“If you’re a senior executive at one of these companies you probably have some security when you’re sitting in the office at the company. But, not when you go home,” Jones asserted. “The hackers understand, ‘I’ll just wait for you to go home. Or I’ll wait until you get a cup of coffee from around the corner of the movie studio.’”
This method of attack could be the culprit, as Variety reported hackers appear to have accessed an HBO senior executive’s personal information. Some of the information stolen may have given the hackers access to the executive’s work email, according to reports.
It is that very access Jones said could do HBO exponentially worse damage than leaked Game of Thrones episodes. “The financial damage is not through leaked episodes of Games of Thrones. It’s through details, emails between staff, all of the mechanics of the business.”
Verizon acquired Yahoo earlier this year for $350 million less than originally reported following Yahoo disclosing 32 million email accounts were hacked. AT&T agreed to acquire HBO parent company Time Warner for $85.4 billion in October 2016. With a Department of Justice investigation slowing the deal’s finalization, this hack could lead to AT&T lowering its offer or even potentially walking away from the deal.
Sony had 200 gigabytes of data stolen in 2014, and thousands of incriminating emails were released, including racially insensitive messages from Amy Pascal. Pascal resigned as head of Sony Pictures shortly after the emails became public. This time, hackers have obtained nearly six times as much data from HBO and are preparing to leak information every week. If history repeats itself, HBO may never be the same again.