Ken Westin, senior security analyst at Tripwire (www.tripwire.com):
After the Sony breach many are wondering if HBO may have been hacked and believe that could be the source of the leaked episodes. However, I believe this is not a traditional hack where HBO’s network was compromised, but an example of supply chain security in relation to data. There is a great deal of demand for Game of Thrones episodes as it has an incredible fan base so there is a great deal of motive to find and leak the material. The motion picture industry is compromised of multiple partnerships, no one studio does everything from beginning to end, things like effects, audio mastering, translation and subtitles and a whole host of other work may be farmed out to other entities.
The marketing process as well requires that “Screeners” be provided which are discs provided for people to review the movie or episodes before they are provided to the general public, either for awards considerations or other purposes. These screeners are watermarked and require a legal agreement not to share the material, however these watermarks can be found and blurred so they cannot be identified when movies are then leaked.
In many respects the same risks that a movie may go through mirrors that of customer data or other forms of intellectual property, where multiple parties may use the data and it can be passed around and accessed by many different parties. The more demand there is for a given type of data and the more people involved who have access to it the more likely it is to be compromised by a trusted insider.
Tripwire, Inc., a global provider of risk-based security and compliance management solutions, today announced Tripwire® Enterprise™ version 8.3 featuring a new, stand-alone Policy Manager™. Tripwire Policy Manager provides the detailed visibility into system configurations critical to minimizing security risks and ensuring compliance.