Reports have emerged that entertainment company HBO has suffered a breach and upcoming episodes of the popular show – Game of Thrones have been leaked online. IT security experts commented below.
Terry Ray, Chief Technology Officer at Imperva:
“Another large entertainment provider has had data stolen and it’s the attackers that are bringing it to light. While we don’t know the specifics yet, it is common that companies become aware of a breach only once the data has been shared beyond the attacker, this was further highlighted in a Verizon Data Breach Report a few years back. However, there are also cases, like one at a defense contractor, also a couple of years ago, where the victim knew the data was being stolen but had to let it go while they determined that no further hidden holes existed, before shutting of the data leak in an effort to prevent a rush volume of additional data loss. They too lost over a terabyte of data.
“In this new case, the attackers claim to have 1.5 terabytes of data from HBO – and we don’t know how long they have been accessing the HBO system or what additional data – financial, email, employee info – the attackers may have in addition to the episodes and scripts. Since most organizations will get hacked at one point or another, organizations should ask themselves what is their sensitive data, where is their sensitive data and try to invest in protecting it. Businesses can invest in solutions that help them pinpoint critical anomalies that indicate misuse of enterprise data stored in databases and file servers, and that also helps them to quickly quarantine risky users to prevent and contain data breaches proactively.”
Richard Stiennon, Chief Strategy Officer at Blancco Technology Group:
“This is a great example of why data governance is becoming so important. Ever since the infamous attack on Sony Pictures, there is evidently an appreciation on the part of hackers for stealing high value content such as movies (Pirates of the Caribbean) and TV shows (Orange is The New Black). Final production videos are a class of information and the theft of such information poses extraordinary losses, if stolen.
Content producers and all the parties involved in shooting, editing and post-production processing and distribution should be on high alert. They should immediately review their data governance policies and discover the weak links in protecting their content and shore up their defenses. An information governance policy should take into account where critical content resides at all times. That content should be protected even when it’s in the hands of third party service providers. To avoid these types of losses, this type of content and all files associated with it should be securely erased when it is no longer required.”
Michael Patterson, CEO at Plixer:
“Any organizations that gain revenue from the distribution of digital entertainment content should take notice. The data files involved are very large, and if the hack is exfiltrating them across the network, the movement of this data should be noticed. Systems like network traffic analysis can monitor for data theft, even when it leaves the organization in a low and slow fashion. The risks are high, and the investment in such technology is, in comparison, low.”
.
Anton Grashion, Managing Director-Security Practice at Cylance:
“Often hackers’ motivation behind such attacks is money. But that’s not what motivated this. I think sometimes the classic Means, Motive and Opportunity triumvirate collapses to Means and Opportunity with motive being defined by the fact that there is an opportunity. At the end of the day its someone wanting something that someone else has – in this case in digital form. This will always be the case in corporate networks which is why we will always need cybersecurity.”
.
Chris Olson, CEO at The Media Trust:
“This intrusion goes to the heart of operationalizing data governance policies. Enterprises need to adopt compliance mechanisms to ensure their data protection policies–including data unknowingly collected by third parties from website operations–are actively monitored and enforced.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.