Ransomware plot line: Netflix hackers follow script that leads to money

TV show leak is good reminder for everyone to put their digital lives in order

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

The pre­ma­ture release of the new sea­son of “Orange is the New Black” by hack­ers is no big deal. Real­ly. You can see why pro­duc­ers made the cal­cu­la­tion that stop­ping the “hack” was not even worth the alleged $66,000 or so the hack­ers demand­ed as “ran­som,” accord­ing to Tor­rent­F­reak.


Bob Sul­li­van, jour­nal­ist and one of the found­ing mem­bers of msnbc.com

Online show fans are very famil­iar with the restraint required to avoid hear­ing about plot lines before they get a chance to catch up on episodes. In fact, of all the places where the inter­net seems inca­pable of deco­rum or restraint, most inter­net users are (spoil­er alert) shock­ing­ly good at not spoil­ing shows. So we will get through this togeth­er, even if the goofi­ly named “TheDark­Over­lord” group fol­lows through on its threat to release many more shows.

Movie stu­dio hacks were (and are) much more seri­ous for mas­sive, timed movie releas­es, where the first week­end can make or break an entire invest­ment in a film. What many folks for­get about the infa­mous Sony hack in 2014 is that those hack­ers (named Guardians of Peace) ruined a major Christ­mas sea­son stu­dio release called “The Inter­view,” which was going to poke fun at North Korea’s leader.

Relat­ed sto­ry: Post­ing of Sony’s con­tracts opens Pandora’s box of liabilities

Threats from those hack­ers led to movie hous­es can­cel­ing show­ings, turn­ing the mil­lions Sony spent on mar­ket­ing into wast­ed mon­ey. Long after the movie was pulled, Sony was pay­ing for “The Inter­view” bill­boards and bus stop signs all over Manhattan.

And this is why the Net­flix “hack” sto­ry matters.

Ran­som-based hacks reap big rewards

If you read any indus­try report on the dark side of the inter­net, it’s clear that hack­ers and virus writ­ers have turned their atten­tion to extor­tion and ran­som. Syman­tec, in a well-timed study, said last week that the num­ber of ran­somware pro­grams tripled in the past year, and about two-thirds of vic­tims pay up. A study last year by Lar­ry Ponemon found much the same thing. That means ran­som-based hack­ers are rolling in cash, and thanks to all that R&D mon­ey, ramp­ing up their game.

Why are ran­som attacks so pop­u­lar? That’s where the mon­ey is. More impor­tant, that’s where the lever­age is.

Relat­ed info­graph­ic: Ran­somware ram­page takes aim at busi­ness targets

Let’s step back for a moment to a sim­pler time, when we most­ly wor­ried about stolen cred­it cards. Sure, replac­ing cred­it cards is annoy­ing and costs mon­ey to “the sys­tem.” But real­ly, it was only mon­ey. And, for crim­i­nals, there was the pesky task of turn­ing the stolen data into mon­ey, which is rather chal­leng­ing. How chal­leng­ing? A $3,000-limit cred­it card could sell for as lit­tle as $5 to $10.

Theft of intel­lec­tu­al prop­er­ty brings with it an ampli­fi­er. Some secrets are more impor­tant to some peo­ple than oth­ers. Most stolen things are hard to sell, so they sell at a big dis­count. But steal a secret, and you can sell it back to its own­er at a premium.

Spend­ing mon­ey to save face

The most pow­er­ful ver­sion of this ampli­fi­ca­tion effect can involve embar­rass­ment. What we remem­ber about the Sony hack was the stolen emails that rocked Hol­ly­wood. (Salaries were released; ram­pant accu­sa­tions of sex­ism followed.)

I shouldn’t have to remind any­one about the val­ue of the theft of Leon Panetta’s emails.

See­ing these rather dra­mat­ic dis­plays, plen­ty of oth­er com­pa­nies have paid up to avoid email hack­ing embar­rass­ment, I’ve been told by many analysts.

Oth­er kinds of intel­lec­tu­al prop­er­ty theft can be more alarm­ing. Ran­som hack­ers have long tar­get­ed hos­pi­tals, and because their sys­tems are so mis­sion crit­i­cal, admin­is­tra­tors pay. Even law enforce­ment agen­cies have paid up.

So that brings us to obvi­ous tar­gets like Net­flix. Firms that try to trade in sus­pense can be vul­ner­a­ble to this kind of intel­lec­tu­al prop­er­ty theft. One can eas­i­ly imag­ine anoth­er Sony inci­dent, where a com­pa­ny spends years and mil­lions of dol­lars try­ing to lead up to a cliff-hang­ing release that gets blown by hackers.

The real threat, how­ev­er, lies in the kind of hacks we rarely hear about. Real cor­po­rate espi­onage. Theft of plans for naval ships, for exam­ple, dubbed “eco­nom­ic war­fare.” Com­peti­tors steal­ing each other’s busi­ness plans, or secret ingre­di­ents, or employ­ee records. Mere­ly leak­ing a list of com­pa­ny salaries could wreck a firm.

Focus on the wrong threat

So as we’re all obsess­ing over the leak of a TV show, now is a good time to pause and take inven­to­ry of your dig­i­tal life. We’ve spent far too much time obsess­ing about our elec­tron­ic mon­ey, which for the most part is ridicu­lous­ly safe thanks to an incred­i­bly robust audit­ing sys­tem that’s full of backups.

Oth­er data in our lives is at much greater risk. If a hack­er encrypt­ed all your baby pho­tos, how much would you pay to get them back? If a hack­er learned all your trav­el plans for the next year, how would you feel? What could a hack­er with access to your Gmail account do? (Prob­a­bly change all your pass­words, for exam­ple). Back­ups are your only real insur­ance against many of these attacks.

Hack­ers know these things. Slow­ly, we will all learn the­ses lessons, too. Don’t be the last one to find out.

More sto­ries about hack­ers and ransomware:
Evo­lu­tion of a threat: Expect ran­somware tar­gets, meth­ods to broaden
Ran­somware attacks are a fact of life, so real-time detec­tion, response is critical
Ran­somware hits keep coming—and vic­tims keep paying