HBO recently suffered a massive cyberattack, with hackers stealing 1.5 terabytes of data from inside their network, including upcoming episodes of shows like Ballers and Room 104. But the crown jewel of the hack wasn’t even a video, it was the script to a recent episode of the most popular HBO series—Game of Thrones, including the end to season 7. The hackers also claimed to have stolen personal data of HBO employees, including confidential information which has put HBO’s commercial/ personal data at risk.
Earlier in August, the network’s chairman and CEO Richard Plepler confirmed the hack and called the recovery efforts “nothing short of herculean,” but he also said something much more important, something that many people overlooked: “The problem before us is unfortunately all too familiar in the world we now find ourselves a part of.”
Winter is coming
We often think of major data hacks as individual unrelated incidents, but when we step back and look at cybercrime as a whole, some very disturbing trends start to emerge. Historically, hackers tended to go where the money was, primarily targeting banks, merchants, retailers and other organisations that directly handled financial information and transactions. But as these organisations improved their security standards and began locking down their systems, hackers started looking for easier targets.
Trial by combat
With streaming services like Netflix and Amazon Prime leading the way, the global entertainment industry is now worth around $2 trillion. HBO by itself generates around $6.4 billion in revenue, with Game of Thrones being its most popular series.
In 2014, a group of hackers known as the “Guardians of Peace” infiltrated Sony Pictures and stole up to 100 terabytes of data. It demanded that Sony halt the release of the major motion picture The Interview, threatening terrorist attacks and causing Sony to cancel the film’s premiere and mainstream release. Just a few months ago, Netflix was hit by a ransomware attack from “thedarkoverlord” hacker group, which leaked a season of the hit show Orange Is The New Black.
Where are my dragons?
The entertainment industry (along with most other enterprises) needs to update its security model to reflect the reality of the modern IT ecosystem. Many organisations still focus on perimeter defenses—firewalls, intrusion detection systems and network access control. But perimeter defenses are only effective in protecting data inside the network. The good news is that all of the technologies needed to protect against these types of attacks are already available from companies like BlackBerry. Enterprise File Synchronisation and Sharing solutions are used by several entertainment companies to securely share encrypted files and control digital rights even after the files leave their network. Unified Endpoint Management solutions are also key in centrally securing and controlling all of IT endpoints, including desktops, laptops, mobile or even IoT devices. And finally, cybersecurity consulting services can be used to assess defenses, bringing “ethical hackers” to simulate a real-world attack.
If Game of Thrones has taught us anything, it’s that enemies will always try to find and exploit our biggest weaknesses, be they physical, mental or in this case digital. And just as in the hit HBO show, our goal isn’t to make our defenses impenetrable, it’s to make them strong enough that hackers (of both the axe or keyboard variety) simply move on to easier targets. In the end, those who adopt this rational and economic approach to risk management will have the best chance to survive the digital winter.
The writer is chief security officer, BlackBerry