Looking into the recent HBO breach, where 1.5 Terabytes of data was stolen from the company’s internal network, Mark James, ESET IT Security Specialist, discusses possible motivation for hackers.
The hackers who breached HBO’s internal network stole 1.5TB of data and are slowly leaking it to the public. Some of it was sent to the press, via an email with a link and the promise to release more soon. They stated that they wanted people to ‘enjoy it’ and ‘spread the word’, as they released unaired script for Game of Thrones season seven, and Ballers.
There has been some speculation as to the similarities of this security breach to the Sony Pictures attack in 2014, where a hacker group called ‘Guardians of Peace’ leaked confidential data from Sony Pictures.
The data stolen included personal information about employees and their families, emails between employees, information about salaries, and copies of then unreleased films.
This is only speculation, however, so we ask Mark James, ESET IT Security Specialist, what could be said about the hackers and their likely motivations.
“1.5tb of data is huge. The likelihood of this coming out in one go is extremely low, and probably was the work of a few persistent attacks over a sustained period, as to try and remove this quantity of data in one go surely would have alerted someone somewhere.
“Most of the hacks we see around today have a monetary value, either through direct finance or as a stepping stone to identity theft or stealing credentials. Generally speaking, gone are the days hacking is done for fun or notoriety.
“However, every now and again we see them pop up, and this is almost certainly one of those cases. It could easily have been an opportunistic malware attack that returned some interesting credentials.
“That info was then used to ‘test’ entry into the network, and it was successful.
“Once in, you pretty much can do anything you want as long as you’re careful.
“Well written malware these days is designed to be stealthy, it doesn’t want to slow your machine or cause chaos because that rings alarm bells. It just wants to sit in the background avoiding detection doing its job.
“As our digital world and existence is increasing, then the targets are getting more lucrative. If you want your 15 minutes of fame then releasing something no one else has this will be the way to do it.”
Have you managed to avoid spoilers so far? Let us know on Twitter @ESETUK.
Join the ESET UK LinkedIn Group and stay up to date with the blog. If you are interested in seeing where ESET has been featured in the news then check out our ‘In the news’ section.