The HBO Hack

The hackers have apparently gotten fed-up with the pace of HBO “negotiations” and have released more data. Report: HBO wanted to pay $250,000 to the ‘Game of Thrones’ hackers – BGR

I am mostly interested in this hack because of the window it provides into the workings of Hollywood in general and HBO in particular. The level of arrogance in the face of having no leverage is simply amazing. Or maybe not, considering that it is Hollywood.

HBO wanted to pay $250K. The hackers want $6 million. Can you see where this is headed?

But the negotiations with HBO aren’t going well, a new report explains. The hackers have yet to receive their money, which is why they leaked a purported email exchange with an HBO exec to Hollywood Reporter. The HBO exec apparently crafted a very carefully worded reply to hackers, which avoids any language that would make HBO look like it’s ready to pay attackers off.

The “unnamed executive” asked the hackers to show “professional cooperation” and extend the deadline by a week (as HBO reviews the material the hackers provided.) Can you guess what the hackers did? In the spirit of professional hackers they upped the ante.

The hackers leaked the email because of the money. “It’s just about money. We have weeks of negotiations with HBO officials, but they broke their promises and want to play with us…,” they said.

They released the offending email, and the also released the personal contact information for some of the stars of Game of Thrones. The hackers have said that they spent 6 months working their way into HBO to get this data, and now they want their payday. They aren’t too worried about legality, or “professional courtesy” or any of that. You can tell because they’re black-hat hackers.

Personally I don’t like to see people pay ransoms, even when I understand why they do. “If you give a mouse a cookie, he’s gonna want a glass of milk.” Feeding the beast is not a good way to make the problem go away. If you finance something, you will get more of it.

I don’t think Hollywood is on board with the whole “we have you over a barrel” Concept. I have said for sometime that they have a warped sense of the universe because the stars and executives are treated like pampered flowers, with assistants getting them whatever they want. It turns out that the delaying tactics are part a ruse to allow the FBI/other parts of the 3-letter-acronym-universe find and arrest these guys. But I doubt it will have the effect they are hoping for.

This is still about a hack, and I’m not sure that Hollywood is doing anything to fix these problems. If you saw any of the articles after the hack was first announced, you would see nothing but excuses – about subcontractors and many organizations doing the work on special effects or whatever, but mostly excuses about security being hard. (Here is a new WSJ article that has excuses in the 3rd paragraph.) That WSJ article goes on to say meaningless things like “individual units are being encouraged to take on more autonomy and responsibility for their own technology infrastructure.” Which sounds a lot like, “you’re on your own,” or “Good Luck with that!”

No security isn’t simple. But it is really hard to do anything meaningful with a budget of zero except for the PR hack saying why it can’t be fixed.