The hackers that broke into HBO’s network last week say it took six months to accomplish the feat, and that they spent $500,000 a year purchasing zero-day exploits to gain access to various company networks, according to The Guardian. The attackers claim they earn $12 million to $15 million a year from blackmailing organizations.
The group also revealed its agenda for the first time, sending a video letter Monday asking HBO CEO Richard Plepler to pay a multimillion-dollar ransom or risk 1.5TB of shows and confidential corporate data being released online. Along with the video, the hackers released 3.4GB of files.
The attack on HBO was first reported last week, when hackers claimed they took 1.5TBs of data from HBO, including yet-unreleased episodes of "Ballers" and "Room 104." Written material from "Game of Thrones" was also accessed, according to the report. One document appears to contain the confidential cast list for Game of Thrones, including personal telephone numbers and email addresses. HBO said it is continuing to investigate and is working with police and cybersecurity experts.
The entertainment industry is an attractive target for hackers, who can gain huge visibility from a successful attack. The attack on HBO proves the industry still has work to do to protect itself. But the HBO attack pales in comparison to the Sony hack of 2014 that cost the company an estimated $35 million in IT repairs, not to mention damage to the company's reputation.
Despite an increase in awareness and resources, companies are still struggling with network intrusion detection. For HBO or any company, that’s a dangerous situation.
Unfortunately, hackers appear to have the upper hand. Companies that possess valuable or sensitive information can only protect and backup their data and do their best to prevent such intrusions.