Filed Under:Agent Broker, Sales & Marketing

Hackers are threatening the way that Hollywood does business

For Hollywood, hackers are threatening both reputations and businesses. (Photo by Chris Pizzello/Invision/AP)
For Hollywood, hackers are threatening both reputations and businesses. (Photo by Chris Pizzello/Invision/AP)

(Bloomberg) -- Sony. Netflix. And now, HBO.

While the 2014 hacking at Sony Pictures pushed entertainment giants to take computer security more seriously, recent incidents have exposed weaknesses throughout Hollywood’s food chain.

Last week, as HBO investigated a cyberattack on its own systems, an unaired episode of its hit show “Game of Thrones” appeared online following an unrelated breach at a pay-TV partner in India. In April, when 10 episodes of Netflix Inc.’s “Orange Is the New Black” leaked, the incident was traced to a contractor.

Hollywood is especially vulnerable


Cybercrime is a growing problem for many industries, but Hollywood is especially vulnerable because of the long chain of people who work on a show or movie in post-production, experts say. Studios rely on an army of freelancers for everything from special effects to musical scores, creating a vast network of targets for hackers. Bringing those workers in-house is an option but would be expensive and could limit the talent studios can tap.

“Hollywood will have to recognize this will continue to grow and be an issue,” said Mike Orosz, who studies cyber risk as research director at the University of Southern California’s Information Sciences Institute.

HBO requires employees to have two-factor authentication and strong passwords for their computers. They also undergo security awareness training. But the company works with many post-production freelancers that handle sensitive information on personal email accounts and personal devices, raising security concerns, according to a former employee who asked not to be identified discussing an internal matter.

“Once the content is out of your hands, it’s truly out of your hands,” Orosz said. “The security of the third-party vendor is what you’re relying on.”

HBO still investigating 


HBO is still investigating how hackers broke into its computer system. They stole episodes of Larry David’s “Curb Your Enthusiasm” and “Ballers,” a person familiar with the matter said at the time. They also stole an executive’s emails and a summary of an unaired episode of “Game of Thrones,” according to Variety.

The hackers don’t appear to have breached the company’s entire email system, Chief Executive Officer Richard Plepler told staff last week. The network, owned by Time Warner Inc., declined to make any additional comment.

Related: WannaCry means gotta act: Lessons in ransomware's wake

For Hollywood, hackers are threatening both reputations and businesses. A stolen movie that appears online before appearing in theaters loses 19% of its box-office revenue on average compared with films that are pirated after they’re released, according to a study by professors at University of Maryland and Carnegie Mellon University. People may not be willing to subscribe to Netflix or HBO if they can watch their favorite shows and movies online for free.

Ransom demands


What’s more, the wave of attacks is forcing media executives to confront a thorny question: Should they pay ransoms to hackers to get their content back? A hacker released a video this week demanding that HBO pay up to avoid further disclosures.

The FBI says that’s always a bad idea.

“We believe it perpetuates the crime in general,” FBI spokeswoman Laura Eimiller said.

Related: Cyberattacks involving extortion are on the up, Verizon says

There’s also no guarantee paying the ransom will work. In April, Netflix refused to pay a hacker who stole unreleased episodes of “Orange Is the New Black.” Larson Studios, which worked with Netflix, told Variety it paid the ransom, about $50,000, in bitcoin. The hacker, who went by the name TheDarkOverlord, dumped the stolen episodes online anyway.

Larson Studios didn’t respond to a request for comment, while a Netflix official said only that the company is “constantly working to improve our security.”

In another high profile case this year, hackers threatened to leak a stolen copy of Disney’s new “Pirates of the Caribbean” if the company didn’t pay a ransom. The company refused, and Chief Executive Officer Bob Iger said later he believed it was all a hoax.

Millions of dollars at stake


Even so, with millions of dollars at stake, some companies may decide paying is the best option, said Gary Davis, chief consumer security evangelist at the security firm McAfee Inc.

“If they got access to something like ‘Game of Thrones’ and I can pay them a couple million dollars to get that back, there’s probably a good use case,” he said.

Related: Top 10 global business risks, according to the Allianz Risk Barometer 2017

The Sony attack, which embarrassed studio executives after private emails were made public, was linked by the FBI to North Korea, which allegedly was retaliating for “The Interview,” a film about a fictional plot to assassinate leader Kim Jong Un. Some studios have reportedly removed Russian President Vladimir Putin as a character in films because they’re concerned they’ll suffer a similar fate.

Sony has learned from that attack. Michael Lynton, former chief executive officer of Sony Entertainment, started transferring emails off his computer every 10 days.

“To me, that’s the solution,” Lynton said at event hosted by Lerer Hippeau Ventures in May. “Put it in a drawer and lock the drawer.”

Copyright 2017 Bloomberg. All rights reserved. This material may not be published, broadcast, rewritten, or redistributed.

Related

Ransomware attacks leave insurers and businesses exposed

The recent WannaCry incident confirms what they and many insurers have feared — that a large-scale attack could involve entities...

Featured Video

Most Recent Videos

Video Library ››

Top Story

A dozen ways to prevent theft during the holidays

It's the most wonderful time of the year — not just for you and your family, but for thieves, too.

Top Story

10 tips for a safe and successful fundraising campaign this holiday season

Travelers’ non-profit D&O product manager Tom Herendeen offers 10 tips for non-profit organizations to keep in mind during this season of giving.

More Resources

Comments

eNewsletter Sign Up

Agent & Broker Insider eNewsletter

Proven success tips and essential information to help agents and brokers grow their practice – FREE. Sign Up Now!

Mobile Phone

Advertisement. Closing in 15 seconds.