HBO offered hefty ransom to hackers who stole company data



BOSTON — Hackers released an email from HBO in which the company said it was willing to pay them $250,000 as part of a negotiation over electronic data swiped from the pay-TV company’s servers.

The July 27 email was sent by John Beyler, an HBO executive who thanked the hackers for “making us aware” of previously unknown security vulnerabilities. The executive asked for a one-week delay and said HBO was willing to make a “good faith” payment of $250,000, calling it a “bug bounty” reward for IT professionals rather than a ransom.

Beyler’s email to the hackers said the company was working “very hard” to review all the material they provided, and also trying to figure out a way to make a large transaction in bitcoin, the hackers’ preferred payment method.

“You have the advantage of having surprised us,” Beyler wrote. “In the spirit of professional cooperation, we are asking you to extend your deadline for one week.”

HBO declined to comment. A person close to the investigation confirmed the authenticity of the email, saying it was an attempt to buy time and assess the situation.

In the breach, which became public July 31, hackers stole 1.5 terabytes of programming and internal communications. They have since posted scripts from several “Game of Thrones” episodes, including one that was unreleased, episodes of “Ballers” and “Room 104,” and a month’s worth of emails appearing to be from Leslie Cohen, HBO’s vice president for film programming. 

Internal documents, including a report of legal claims against the network and job offer letters to top executives, also were released. The hackers have demanded a multi-million dollar ransom.

Whether or not HBO ever intended to follow through with its $250,000 offer, the email raised questions Friday among security professionals about the importance of the data as well as how it will affect future attacks.

“It’s interesting that they’re spinning it as a bug bounty program,” said Pablo Garcia, CEO of FFRI North America, based in Aliso Viejo, California. “They’re being extorted. If it was a bug bounty, it’d be on the up and up.”

HBO has said that it is working with law enforcement and cybersecurity firms to investigate the attack, which is the latest to hit a Hollywood business.

The leaks so far have fallen well short of the chaos inflicted on Sony in 2014. In April, a hacker claimed to have released episodes of Netflix’s “Orange is the New Black” ahead of their official launch date.

But paying ransoms to hackers can be dangerous because it shows that being a bad-guy hacker is a good business, said cybersecurity expert Oren Falkowitz, CEO of Redwood City, California-based Area 1 Security. Companies would be better off investing in preventing email spear-fishing attempts and other hacking techniques, he said.

“The reason they got in this scenario is they didn’t have the right pre-emption strategy,” Falkowitz said. “The next company, whether it’s Showtime or Death Row Records or whomever, needs to see that they’re going to wake up one day to this reality unless they confront it.”

© 2017 CBS Interactive Inc. All Rights Reserved. This material may not be published, broadcast, rewritten, or redistributed. The Associated Press contributed to this report.



Source link

Leave your vote

0 points
Upvote Downvote

Total votes: 0

Upvotes: 0

Upvotes percentage: 0.000000%

Downvotes: 0

Downvotes percentage: 0.000000%

What's Your Reaction?

Cry Cry
0
Cry
Cute Cute
0
Cute
Damn Damn
0
Damn
Dislike Dislike
0
Dislike
Like Like
0
Like
Lol Lol
0
Lol
Love Love
0
Love
Win Win
0
Win
WTF WTF
0
WTF

HBO offered hefty ransom to hackers who stole company data

log in

Become a part of our community!

reset password

Back to
log in

Hey there!

or

Forgot password?

Forgot your password?

Enter your account data and we will send you a link to reset your password.

Your password reset link appears to be invalid or expired.

Close
of

Processing files…

Choose A Format
Gif
GIF format