Cyber Goes To Hollywood

What is it about the TV and Film industry that makes it so attractive to cyber-criminals? In the first of a series of articles C-RW will take a look and try to come up with a few answers.

?

Last month Sony notified almost 7,000 staff that their data had been compromised in a breach that took place earlier this year. According to a report at?Bleeping Computer, the hack was the work of ransomware gang “Clop” who were able to “[expoit] a zero-day vulnerability to the MOVEit Transfer platform.”

?

That awkward internal memo came hot on the heels of a claim by the hacker group RansomedVC?in September that they had stolen reams of proprietary data from Sony. “We have successfully compromissed all of sony systems. We wont ransom them! we will sell the data. due to sony not wanting to pay. DATA IS FOR SALE” boasted the hackers whose cyber skills are clearly superior to their spelling and grammar.

?

It all has uncomfortable echoes of the devastating 2014 cyber-attack that reduced Sony Pictures to its knees. That attack, believed to be the work of the North Korean “Guardians of Peace” group, announced itself to employees who found images of the severed head of CEO Michael Lynton on their screens when they logged on one morning a few days before Thanksgiving. The company was forced to shut down all computer systems plunging the vast Sony Pictures empire into the digital dark ages without access to even the most basic email.

?

And then things got worse …. IT teams worked 24 hour days and dusty boxes of long unused Blackberries were hastily opened as staff tried to find workarounds but the reality was shocking. Along with the theft, the hackers deleted data from Sony systems using a variant of the Shamoon malware. As the New York Times noted “Everything and anything had been taken. Contracts. Salary lists. Film budgets. Medical records. Social Security numbers. Personal emails. Five entire movies, including the yet-to-be-released “Annie.”

?

And then things got even worse….. In a series of agonising leaks the hackers stoked up the Hollywood gossip machine by drip feeding excruciatingly embarrassing emails between senior executives.

?

And then things got even worse than that…. The hackers turned the screw. It appeared their aim was to halt the release of the James Franco film “’The Interview” which took a satirical look at North Korean leader Kim Jong-Un. Sony Pictures management were in a bind, if they pulled the film they would look like they were giving in to blackmail but, if they didn’t, they would face a continuing cyber onslaught. In the end they flip flopped, incurred the public criticism of then President Obama and lost the support of many of their staff some of whom sued them over personal data breaches. It was an omnishambles that left co-chairman Amy Pascal – who actually comes out of the whole mess with some credit – addressing a staff meeting with these words “I’m so terribly sorry. All I can really do now is apologize and ask for your forgiveness.”

?

Her apology was more about the nature of what was leaked than the breach itself and that is the point. What made this such a big story was that unseen films were released and confidential data about big stars was suddenly popping up on Gawker and Twitter. This is what makes media companies such a tempting target for ransomware, as Forbes magazine put it, “The entertainment industry is a gigantic ever-accelerating hype train everyone wants to ride….” Which, roughly translated, means that whether it is stealing IP, leaking embarrassing information about famous people or just stopping a big budget production in its tracks there is immense scope for bad actors (not of the Nicholas Cage kind) to exercise a lot of leverage over media companies if they can find a way in – which they often do.

?

What interests us at C-RW is that this is not just a problem for the media giants like Sony. It is a problem for everyone in the sprawling supply chain that supports the creation of TV and film content.

?

More of that in our next article.