Hackers targeting HBO struck again Monday, and they have no plans of stopping.
The latest leak from the hack, which has been exposing pertinent info from the television network for nearly two weeks, consisted of files labeled as “confidential” and included the script summary for an upcoming "Game of Thrones" episode, emails from an HBO executive and the personal phone numbers of some "GoT" stars.
To escalate matters, the hackers are now demanding a ransom in exchange for the rest of their material, just as HBO is trying to sweep this situation under the rug.
All things considered, what does this really mean for HBO? We’re laying out everything you need to know, complete with cybersecurity experts’ analysis of this heated situation.
Here’s everything we know.
In late July, the hackers, who called the incident "the greatest leak of cyber space era," leaked full episodes of "Ballers" and "Room 104", as well as part of a script from an upcoming "Game of Thrones" episode. This initial cache of content was nothing more than proof, though—proof that there was a total of 1.5 terabytes of data in the hackers’ possession to be exposed at their discretion.
The network responded to first reports of the hack with a statement that read, in part, “HBO recently experienced a cyber incident, which resulted in the compromise of proprietary information. We immediately began investigating the incident and are working with law enforcement and outside cybersecurity firms. Data protection is a top priority at HBO, and we take seriously our responsibility to protect the data we hold.”
HBO chairman and CEO Richard Plepler also responded to the hack with an email to company employees, informing them of the incident and attempting to alleviate concerns. Remember Plepler’s name; this isn’t the last you’ll hear of him.
Nearly a week later, the hackers released a mountain of information to outlets, including The Hollywood Reporter. Among this data was an upcoming script summary for "Game of Thrones" and a month’s worth of “confidential” emails from the network’s vice president for film programming. Some reports say the leak also included the personal phone numbers of stars like Lena Headey, Emilia Clarke and Peter Dinklage.
This leak confirmed the hackers have access to more than the network’s programming, which could extend to an extensive bank of company emails or even users’ personal information.
With the August 6 release, the hackers also included a video message to Plepler that says, "We successfully breached into your huge network. … HBO was one of our difficult targets to deal with but we succeeded (it took about 6 months)." They listed the extent of the property they’ve stolen as well, claiming to have un-aired episodes of hit shows and other confidential company data.
Also in the message was a ransom request for the bitcoin (untraceable cyber money often used by hackers) equivalent of their six-month salary. They claim that they make $12-$15 million each year, so they're demanding at least $6 million from HBO.
In the ransom video, the hackers claim HBO is their 17th cyber target, and only three previous targets have refused to pay.
What should happen next?
HBO’s focus was last made clear in a statement from Plepler to company employees: “As we said, the forensic review is ongoing. While it has been reported that a number of emails have been made public, the review to date has not given us a reason to believe that our e-mail system as a whole has been compromised.”
He asserted that, while teams were hired as a clean-up crew, it’s business as usual for HBO. “We continue to work around the clock with outside cybersecurity firms and law enforcement to resolve the incident. Meanwhile, our dedicated employees continue to focus on delivering the high quality of entertainment and service for which we are known.”
But those cybersecurity firms and the police can only work to tighten up the current security of HBO's network, not take back the 1.5 terabytes that's been stolen from them. So what's the company to do?
"From a security standpoint, HBO should practice good cyber hygiene (update security systems, inform employees of suspicious emails, etc.)," says Frances Zelazny, vice president of BioCatch, a cybersecurity firm specializing in fraud prevention and detection. "[They need] a combination of good authentication, good anti-malware, and real-time continuous authentication on their machines and networks to make sure people are really who they claim they are. Either way the damage is done – the important part is now it is time to clean it up."
Zelazny notes that the list of tactics hackers could have used to infiltrate the network is endless, including brute-force attacks, phishing emails, business email compromises using employee credentials or hacking the system at large. The goal now, she says, is to close those potential holes.
With this corporate-focused clean-up, one cybersecurity expert says there's one area HBO is likely overlooking completely.
"What they are unlikely to be looking at are the personal digital lives of key HBO employees and executives," says Roderick Jones, founder of digital security firm Rubica. "This remains an overlooked field in cyber security defense but it isn’t overlooked by the hackers who will be looking to probe any and all organizational weaknesses."
Since the hackers have demanded a pay day, if the current leaks of information don't get the job done, they may resort to more personal matters to up the ante.
And what about that money? How will HBO respond to this high-priced ransom?
There's no law against paying, Jones says, as "the rules of the road in cyber-space are still being formed so there are no clear policy guidelines at this time." Still, he doubts that the network will reach for its checkbook. "Given the now high-profile nature of the case, it seems unlikely HBO would pay a ransom given the potential to set a significant precedent and of course provide funding to hacker groups."
He also notes that the hackers' motivations are financial, based on their behavior thus far. "If they had wanted a big pay day, a better tactical approach would have been to approach HBO discreetly. A refusal would presumably trigger a release of the entire set of data the hackers have stolen and the reputation and financial damage to HBO that comes along with that, which seems to be the direction the attackers are going after despite the attempts at setting up a ransom scenario."
Are everyday users safe?
What should be the scariest part of this whole situation is that the current information hackers have admittedly obtained likely doesn't add up to 1.5 terabytes of data. If the hackers are telling the truth, they could have access to more emails or personal data of employees, or that of general HBO users.
"The dangerous part is that the hackers may have financial data/personal information of people with HBOGO or HBONow accounts, so the population at large is also the victim in this attack," Zelazny says. "HBO’s responsibility is to be upfront on what exactly was stolen so consumers could be on high alert as well - they are ultimately the ones who are going to be affected."
While the hackers haven’t suggested they have access to users’ personal data, this should be a concern for the public during this time of uncertainty.
You may not think watching Game of Thrones (which saw its highest viewership ever last week, despite these incidents) could directly affect your cyber security, but hacks such as this are becoming anything but a rare occurrence.
“Americans and businesses should focus on cyber hygiene and keeping themselves informed," Zelazny instructs. "It is all like a loop, the company needs to do what they need to do to protect the 'average Joe' while also understanding the status quo of threat prevention in order to protect themselves. Once you start putting up the chain of events, the fraudster has everything they need – people get fixated on the hack itself and don’t realize fraudsters already have their info for other personal accounts (social media, banking, etc.). This is important to realize in order to protect themselves from the fraudsters hacking into their other personal accounts.”
And even if your personal information isn't in jeopardy in this instance, don't think you'll sneak away from this attack unscathed.
"The American public has sadly become used to the constant drumbeat of hacks against companies that hold more personal data than HBO such as health insurance companies and financial institutions, so I doubt the hack will change public perceptions of HBO immediately," Jones admits, but he says the hack could still affect your bank account in other ways.
"Financial perceptions of HBO may change more quickly given the likely cost of this hack and the potential write-down, which HBO could experience as a result. This in turn will create secondary level effects, such as HBO subscription prices having to be increased, which is where the public will begin to see the cause and effect of cyber-attacks," Jones warns. "Given the popularity of GoT, the final season could be offered as a pay-to-view only deal to pay for these attacks, which is the true way to monetize excellent content rather than leaking it and demanding ransom!"
So HBO users, while you sit back and watch the madness unfold, you may want to keep an eye on your own information.