Recent HBO hack could spur better cybersecurity practices

It’s time for businesses to update, fortify their shield against threats

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

Add HBO to the grow­ing list of com­pa­nies vic­tim­ized by a seri­ous cyber­se­cu­ri­ty inci­dent. Accord­ing to The Asso­ci­at­ed Press, cyber crim­i­nals stole 1.5 ter­abytes of cor­po­rate data, includ­ing some HBO shows and sent a ran­som video to CEO Richard Ple­pler in which the hack­ers demand­ed a ran­som worth mil­lions in bitcoin.

As of this writ­ing, there is still a lot of mys­tery sur­round­ing the HBO attack. “Beyond the already released pro­gram­ming and ‘Game of Thrones’ episode out­line, it’s unclear exact­ly what else the hack­ers might have,” Grant Rind­ner wrote in a Vox arti­cle. “One major con­cern is how much of the data might go beyond HBO pro­gram­ming to include com­pa­ny finan­cial doc­u­ments, employ­ee emails, or the per­son­al infor­ma­tion of employ­ees and customers.”

Relat­ed arti­cle: Par­al­lels to ear­li­er Net­flix hack

It’s also been dif­fi­cult to deter­mine the motive behind the HBO hack. It ini­tial­ly appeared to be more about caus­ing dis­rup­tion and gain­ing atten­tion than about actu­al finan­cial gain. Once the hack­ers accessed the data, they reached out to the media in hopes of secur­ing inter­views and spread­ing the data, instead of ask­ing for mon­ey or any­thing else. Then at one point, par­ties cast­ing them­selves as the hack­ers issued a video demand­ing $7.5 mil­lion, threat­en­ing to release more TV scripts and oth­er sen­si­tive busi­ness documents.

Motive not always necessary

Fer­ruh Mav­i­tu­na, Netspark­er CEO

It’s a com­mon mis­con­cep­tion that hack­ers only tar­get pop­u­lar orga­ni­za­tions and that they always have a motive,” said Fer­ruh Mav­i­tu­na, CEO of Netspark­er, a web appli­ca­tion secu­ri­ty scan­ner. “Any busi­ness that is con­nect­ed to the inter­net is a poten­tial tar­get; hack­ers do not always need a motive. Every busi­ness with an online pres­ence is a tar­get, and hacks hap­pen daily.”

There have been some leaks of data clear­ly com­pro­mised from the HBO hack, includ­ing phone num­bers and email address­es of the “Game of Thrones” cast. These leaks, as well as the leak of an unaired ver­sion of the show, came via media com­pa­ny Star India. While it is unknown if the two attacks are relat­ed or con­duct­ed by the same hack­ers, Jeff Hill, direc­tor of prod­uct man­age­ment with Preva­lent, point­ed out how the attacks high­light the dan­gers of third-par­ty vendors.

Keep­ing tabs on vendors

Does HBO require its ven­dors to deploy data loss pre­ven­tion or oth­er secu­ri­ty tech­nolo­gies that could poten­tial­ly flag the nefar­i­ous exfil­tra­tion of a giga­byte-size file nec­es­sary to cap­ture an entire episode of an hour­long tele­vi­sion pro­gram?” Hill asked. “Does HBO even know if this vendor—or oth­ers for that matter—are com­mit­ting to data secu­ri­ty poli­cies and invest­ments that would reduce the risk of such embar­rass­ing and expen­sive inci­dents? Sad­ly, if not, that would place HBO square­ly in the majority.”

Know­ing the secu­ri­ty prac­tices of a ven­dor is one les­son learned from the HBO attack, but that’s scratch­ing the sur­face. The HBO attack high­lights sev­er­al issues that busi­ness­es need to con­sid­er going forward.

Satya Gup­ta, Vir­sec Sys­tems founder and CTO

First, a breach of this mag­ni­tude goes well beyond the imme­di­ate dam­age. Rep­u­ta­tion­al dam­age can linger a long time, Vir­sec Sys­tems founder and CTO Satya Gup­ta, explained. In the spe­cif­ic case of HBO, the attack comes as its par­ent com­pa­ny, Time Warn­er, is the tar­get of a pos­si­ble acqui­si­tion by AT&T. Will this impact the sale in some way, as the Yahoo breach slowed down that company’s acqui­si­tion by Verizon?

Breach­es get C-suite attention

Anoth­er fac­tor from major breach­es like Tar­get and Sony is that this instant­ly becomes a board-lev­el issue, Gup­ta said. “And heads roll—maybe not lit­er­al­ly, like in ‘Game of Thrones’—but breach­es can be career-end­ing for CISOs, CIOs, and oth­er C-lev­el execs.”

The HBO attack serves as a reminder that too many secu­ri­ty sys­tems are out of date and eas­i­ly bypassed by smart hack­ers. Most secu­ri­ty is back­ward look­ing, try­ing to block yesterday’s threats and look­ing for pre­vi­ous­ly iden­ti­fied mal­ware. Hack­ers who are high­ly resourced and inno­v­a­tive will be able to con­duct attacks that fly below the radar of con­ven­tion­al secu­ri­ty tools.

Jonathan Sander, STEALTH­bits CTO

As sur­pris­ing as the lack of focus on the type of doc­u­ment data that was stolen is, what’s even more sur­pris­ing are the basic secu­ri­ty steps most orga­ni­za­tions could take to lock this data down much bet­ter,” said Jonathan Sander, CTO with STEALTH­bits.

Sander rec­om­mends that orga­ni­za­tions do the fol­low­ing to beef up their secu­ri­ty steps:

• Add new tech­nolo­gies to the secu­ri­ty toolkit
• Ensure there are no places with too much access for all employees
• Basic cleanup of old, unused data and accounts
• Basic mon­i­tor­ing of how peo­ple use data

Improv­ing sim­ple secu­ri­ty prac­tices will go a long way in keep­ing orga­ni­za­tions safe from the worst of these attacks.

More sto­ries about busi­ness security:
Secu­ri­ty rat­ings help expose con­nec­tions that can put orga­ni­za­tions at cyber risk
Self-train­ing pro­grams for IT staff, execs effec­tive­ly boost cybersecurity
Ran­somware attacks are a fact of life, so real-time detec­tion, response is critical


Posted in Featured Story