Cybersecurity attacks on Hollywood are on the rise. But what can that tell us about potential security trends? One possible answer comes from looking into the details of a group of recent Hollywood attacks: the Sony hack of 2014, and the more recent attacks on Netflix, Disney and HBO.
Though certain details remain vague, hackers allegedly attacked Sony in relation to the studio’s film “The Interview.” The plot of the comedy revolved around an assassination attempt on North Korean leader Kim Jong Un, and some — including the FBI — claimed that the country, which took issue with the movie, was been responsible for the hack. Fallout from the incident, which potentially included threats from the hackers on theaters that would play the film, ultimately led Sony to cancel its initial plans for distribution.
In more recent months, hackers obtained unreleased episodes of Netflix series “Orange Is the New Black,” and threatened to release them prior to the season’s debut if they did not receive a ransom.
Recently, HBO dealt with its own series of hacks, as detailed in Wired. In one of those hacks, the hackers shared four unreleased episodes of HBO content and a script for a future “Game of Thrones” installment and threatened to continue to release more stolen data if not given millions of dollars.
A ransom was also demanded from hackers that claimed to have accessed Disney and threatened the release of an important studio movie, believed to be the fifth installment in the “Pirates of the Caribbean” series. Disney and the FBI later determined after an investigation that there was not actually a successful hack in that instance.
But regardless of that eventual discovery, the Disney threat, along with the similar ones posed to Netflix and HBO, are clear-cut examples of an emerging trend of “content ransom,” where hackers say they’ll block access to valuable content until monetary demands are met, or release the content if they are not. The latter scenario did actually come true for Netflix, as episodes of “Orange Is the New Black” were shared early online when no ransom was delivered.
Motion Picture Assn. of America’s content protection division head Dean Marks recently spoke to the Los Angeles Times about the trend of hackers “seizing [content] and instead of just uploading it, [contacting] the studios and asking for a ransom.” Marks described it as “a pretty recent phenomenon.”
Looking at the Sony hack in the same context, the trend could be seen to extend to potential scenarios where hackers hold sensitive information hostage in exchange for the halted release of content they don’t wish to be released (as many theorize occurred with “The Interview”), or until any other kind of desired conditions regarding the stolen material are met.
Hollywood studios — and individual celebrities whose private information leaking has large financial implications — likely face the biggest consequences of this type of security risk. But content ransom could threaten the livelihood of any company whose bottom line being met depends on maintaining ownership and control of valuable proprietary content.
That could extend to smaller companies within the entertainment conglomerate or any company in any industry revolving around the production or distribution of creative material.
Variety, as well as other previously mentioned publications, recently suggested that the biggest threat to Hollywood security could be the targeting of smaller third-party vendors responsible for outsourced elements of production. These small vendors do not have the same ability to protect against hackers as big studios.
The Netflix content, for example, is thought to have been taken through a breach at audio post-production company Larson Studios. If content ransom continues to occur and extends to targets outside of Hollywood, it isn’t difficult to imagine increased cybersecurity measures becoming a priority to all creative content companies.