Time Warner’s pay-TV network HBO on Wednesday admitted that it had been targeted by a cyberattack, confirming an anonymous email the alleged hackers distributed to media outlets last weekend.
Among the content that may have been compromised were upcoming episodes of the series Ballers, Barry and Room 104, along with script outlines of the channel’s hit show Games of Thrones.
In total, the hackers may have obtained 1.5 TB of internal company documents. However, they apparently did not access any actual episodes of Game of Thrones, and no upcoming episodes have appeared online.
Some of the hacked content was listed in a Reddit inventory that since has been deleted.
HBO quickly downplayed the attack. It was unlikely that the cable company’s email system had been compromised, CEO Richard Plepler said in an email to employees.
Not Just HBO
This is not the first such attack to victimize a media company. Hackers earlier this year obtained episodes from the then-upcoming season 5 of the Netflix series Orange is the New Black and threatened to release the content unless a ransom was paid.
Netflix refused to pay up, however, and accepted that some episodes were leaked online.
Sony remains the biggest Hollywood hack victim, a title thrust upon it late in 2014, when approximately 100 TB of data was uploaded to the Internet. It included employee emails, personal financial data and some film content.
The Sony hack purportedly was carried out by hackers working on behalf of North Korea in response to the studio’s then new film The Interview, which offered a satirical look into the so-called Hermit Kingdom.
The common denominator in these hacks is that the companies involved all have been coy about the amount of information they were willing to share.
“As with many such things, probably the details that are public today tell only a small part of the story,” said Jim Purtilo, associate professor in the computer science department at the University of Maryland.
“Companies have every incentive to remain as terse as possible since they are looking at their liability, corporate branding overall, and of course their need not to connect too many dots for intruders who might not fully appreciate what they ripped,” he told TechNewsWorld.
“I have not yet offhand heard much on the intrusion mechanism,” Purtilo added. “We won’t know a reason until some arrest would be made, but at this point I’d presume this was just another target of opportunity.”
Hacking for Fun or Profit
Although the motive behind HBO attack is unclear, it doesn’t seem to be financial gain.
“At first glance, the HBO hack has the look of a smash-and-grab event, where intruders took what looked interesting and valuable, and vamoosed,” said Charles King, principal analyst at Pund-IT.
“Though links to a pair of Game of Thrones episodes have cropped up, the stolen data mainly consisted of company documents, including employee emails, personnel records and scripts of a few unaired HBO shows,” he told TechNewsworld.
The motive could be relatively mundane.
“You have to understand that the reasons hackers attack certain sites vary greatly,” noted Jim McGregor, principal analyst at Tirias Research.
“Hackers are often very similar to mountain climbers — they do it just because it’s there and it’s a challenge,” he told TechNewsWorld.
“I would suspect that it is likely driven just to get access to HBO content,” McGregor said, “but with the amount of information taken, they may have gotten much more, including customer data and HBO internal documents.”
Given the fact that content is so expensive to produce, and that it routinely is pirated, it’s questionable whether future hackers will consider it valuable enough to exploit..
“Hacking can also be a business model where the information taken is held for ransom,” McGregor pointed out.
“Whatever the reason, no company is really off limits today,” he said, “but the bigger and more prominent you are, the bigger target you become for a wider variety of hackers.”
Given the growing volume of original content from HBO, as well as its competitors such as Netflix and Amazon, this event could signal an escalation of attacks against independent entertainment vendors and platforms, Pund-IT’s King warned.
Attacks may not have financial drivers — they could be politically or socially motivated.
That said, “HBO’s hackers appear to be unmotivated by political or other fundamental issues,” King suggested.
“That makes the event quite different than the 2014 Sony hack executed by the ‘Guardians of Peace,’ who were later identifiedas North Korea-supported hackers who were retaliating against Sony’s film, The Interview, which parodied North Korea’s leader, Kim Jong-un,” said King.
“Unless HBO’s hackers release more damaging or controversial data, or are aided by Wikileaks, this event is likely to be less disruptive than the Sony hack,” he observed. “That said, it should still inspire Netflix, Amazon and others in the entertainment and film industries to examine and shore up their network security — or be the next in line to be hacker targets.”