Support NeoGAF

[KSweeley]

The recent hack of HBO is apparently very massive and is 7 times larger than the Sony Pictures hack according to this THR article: http://www.hollywoodreporter.com/news/hbo-hack-insiders-fear-leaked-emails-as-probe-widens-1025827

The company is reeling from a sophisticated cyberattack that potentially compromised seven times the amount of data stolen in the Sony hack as the FBI investigates potential culprits.

On July 27, Richard Plepler's worst corporate nightmare unfolded. The HBO CEO learned that his company's network had been breached by an apparently coordinated cyberattack that experts explained could expose a staggering 1.5 terabytes of data. That would be roughly seven times the size of the epic 2014 hack of Sony Pictures.

The attack was sophisticated, insiders tell The Hollywood Reporter, targeting specific content and data housed in different locations, suggesting multiple points of entry. Even more chilling, there was no ransom demand, say sources, leaving the motive in question and raising the specter that video footage, internal documents or even email correspondence could be leaked.

Two days later, HBO sent an alarming email on a Saturday to its 2,500-plus employees, notifying them that the company had been hit, followed by a second email warning staff not to open suspicious emails. On July 30, hackers going by the name of little.finger66 boasted to the media about pulling off "the greatest leak of cyber space era" [sic]. As a teaser, they provided a link to a script for an Aug. 6 episode of Game of Thrones and promised much more. At the same time, unaired episodes of Ballers and Room 104 began surfacing online.

To put in context the 1.5 terabytes — or 1,500 gigabytes — claim, in the Sony case, about 200 gigabytes of data was released online, a damaging deluge that brought the studio to its knees and led to the ouster of then co-chair Amy Pascal. "A traditional business-grade DSL link would take about two weeks at full blast to exfiltrate that much data," says Farsight Security CEO Paul Vixie, noting that a finished Blu-ray is about 30 gigabytes. "If not for video and sound, a corporation the size of HBO might fit [entirely] in a terabyte, including all the email and spreadsheets ever written or stored."

Adds Ajay Arora, CEO of security firm Vera, "The entire Library of Congress is estimated to contain 10 terabytes of print content. As such, it's hard to believe that video and/or audio are not part of what was stolen. It will be interesting — and terrifying to HBO and their parent, Time Warner — to see what comes out."

Sources say HBO is working with the FBI and cybersecurity firm Mandiant, which led the forensic investigation on the Sony hack (ironically, Mandiant also was targeted by hackers around the same time as the HBO breach). The FBI and Mandiant declined comment, and HBO wouldn't elaborate beyond a statement acknowledging the hack.

At press time, it was unclear what exactly the HBO attackers had taken, even to those investigating. In a July 31 email to staff, Plepler characterized the stolen items as "proprietary information, including some of our programming." Insiders say hackers pilfered a combination of media-rich data and text. Though full or partial episodes of Game of Thrones — the crown jewel of the HBO lineup — would be problematic, it's the prospect of stolen text that is far more alarming.

"At 1.5 terabytes, it could be a whole block of TV, or worse, it could be emails, financial documents, employee or customer information," says Erik Rasmussen, a former deputy prosecuting attorney and special agent with the Secret Service who now works at the cybersecurity firm Kroll. "The fact that you have law enforcement and a [cybersecurity] firm involved most likely means this will be a very large incident for HBO."

Hollywood has been under siege from cyber criminals. In the past year, at least six studios and talent agencies have been hit with extortion attempts, including Netflix, UTA and WME-IMG. Netflix balked at ransom demands, and the collective known as TheDarkOverlord released 10 episodes of Orange Is the New Black ahead of its June debut.

Privately, security experts say the HBO hack appears to be far more vicious. One insider calls it "nefarious" because it was targeted to specific content and data (as with Sony) and not simply a trawling sweep (as was the case with the Orange Is the New Black heist).

 

[Random Human]

How the hell do you steal that much data?!

 

[George Oscar Bluth II]

I didn't know they got hacked.

 

[Garou]

Just because the GB-number is higher doesn't make this "more" catastrophic. The worst about the Sony-leak were emails which are completely irrelevant in terms of amount of data.

 

[EloquentM]

My account information I just signed up for go 😩

 

[Mushroomer25]

I find it wierd they're measuring the scope of this attack in terms of data size. A terrabyte isn't some impossibly large cache of data - it's very average. All this seems to mean is that the hackers got a hold of more video content than what came out of Sony.

 

[BronsonLee]

Russia and North Korea REALLY wanted those Game of Thrones eps

 

[PixelatedBookake]

My account information I just signed up for go 😩

Saaaaaaame. But I used a gift card for the free trial thoooo 😉

 

[CLEEK]

I wonder if this came as retaliation to HBO stating they were going to hunt down and punish people who pirate Game of Thrones? The time frames are tight, but the hack happened a couple of days after HBO went to press about how they're gong to "declare war" and aggressively target people they believe have downloaded GoT.

 

[SpaceWolf]

Will this lead to Marvel getting the rights back to Tyrion?

 

[Permanently A]

The Lannisters send their regards.

 

[EloquentM]

Saaaaaaame. But I used a gift card for the free trial thoooo 😉

With a name like pixelatedbookake you better be about censoring your information 😩

 

[MIMIC]

How the hell do you steal that much data?!

They downloaded the car and drove it through the server

 

[Random Human]

I find it wierd they're measuring the scope of this attack in terms of data size. A terrabyte isn't some impossibly large cache of data - it's very average. All this seems to mean is that the hackers got a hold of more video content than what came out of Sony.

Oh, is this not a lot? It seemed like a huge amount of data, ha.

 

[Spaced Harrier]

Some reports suggest that hackers now control an area of the Internet the size of Ireland.

 

[gdt]

This is dumb. The Sony hack brought down hellfire because of all the goofy shit in the emails

This hbo one seems to be just videos and episodes. After this season is over, no one will care

 

[louiedog]

Oh, is this not a lot? It seemed like a huge amount of data, ha.

A couple of friends recently bought 8 TB external drives for like $130. 1.5 TB is like 11 copies of Gears of War 4 on PC.

edit: Or like 20-30 copies of most modern AAA games.

 

[jobrro]

How the hell do you steal that much data?!

All it takes is a few good men.

 

[Neece]

I find it wierd they're measuring the scope of this attack in terms of data size. A terrabyte isn't some impossibly large cache of data - it's very average. All this seems to mean is that the hackers got a hold of more video content than what came out of Sony.

I would guess that is what they hope happened.

If it's 1.5 tb of mostly video, then whatever, they stole some videos of upcoming episodes and will dump them online for the people that care to watch them. Sucks, but not devastating.

If it's 1.5 tb of mostly company data, then they have the entire companies emails, financial information, plans for the future, etc which can have far more wide range and damaging consequences.

 

[gdt]

I wonder if this came as retaliation to HBO stating they were going to hunt down and punish people who pirate Game of Thrones? The time frames are tight, but the hack happened a couple of days after HBO went to press about how they're gong to "declare war" and aggressively target people they believe have downloaded GoT.

Did HBO really say that? I've always basically heard the opposite from them.

 

[gdt]

This title is so so so so dumb.

 

[ZeoVGM]

Hopefully this leads to Marvel getting the rights back to the cast of Entourage.

 

[Mimosa97]

How were they able to transfer so much data? It sounds like they were under attack for days and they didn't even realize it?

 

[CLEEK]

Did HBO really say that? I've always basically heard the opposite from them.

https://www.businessinsider.com.au/hbo-game-of-thrones-anti-piracy-2016-5

http://www.cbc.ca/news/business/hbo-game-of-thrones-piracy-streaming-1.4226959

You're right, HBO execs had previously viewed pirating of GoT as the reason the show is a global phenomenon, which in turn led to legitimate subscribers in the US and abroad.

But outside of the US, HBO content is still locked behind legacy cable/satellite providers, with HBO no longer making the show available to download or stream. So They're using the old scare tactics to support their legacy cable/satellite partners. Hopefully this will force HBO to embrace global streaming.

 

[kitschykitty]

All 7 seasons of Arliss in 4K, the ultimate heist.

 

[BasicMath]

This is dumb. The Sony hack brought down hellfire because of all the goofy shit in the emails

This hbo one seems to be just videos and episodes. After this season is over, no one will care

It's even worse because a quick search tells me Time Warner (HBO) spends more money lobbying than Sony. It's a direct attack on our democracy since corporations are people and money is free speech.

 

[Glass Rebel]

Is that so?

Somebody get me those juicy Confederate emails.

 

[hodayathink]

I find it wierd they're measuring the scope of this attack in terms of data size. A terrabyte isn't some impossibly large cache of data - it's very average. All this seems to mean is that the hackers got a hold of more video content than what came out of Sony.

I doubt that the large size is because they downloaded THAT much more video than they did from Sony. HBO doesn't produce enough content for hackers to find that much of it worthy for downloading (like, the total of their original programming for the year at broadcast quality doesn't add up to that much data, and anything already out would be kind of pointless for a hacker to steal since it's probably already out there just from having been recorded off air).

 

[Valkyr Junkie]

How were they able to transfer so much data? It sounds like they were under attack for days and they didn't even realize it?

The exfilitration of data over the course of days or longer wouldn't be seen as an "attack" over the course of days or longer. The transfer of a large amount of data to a single source (assuming they didn't exfiltrate to multiple destinations) can easily go undetected, even if the data was extiltrated as quickly as possible. If they went "low and slow," forget about it.

 

[Tagg9]

7 times the size of data means absolutely nothing. Two hours of uncompressed audio and video could easily be 1.5TB.

 

[PR_rambo]

Watch, they're gonna Leak GGG vs Canelo

 

[norm9]

Thank goodness I'm too poor for HBO.

 

[-Pyromaniac-]

I'm expecting an epic bow and not some shit bow for this.

 

[BobLoblaw]

Thank goodness I'm too poor for HBO.

Kinda this. I'm not too poor. I just can't justify paying for it. Good luck with your subscriber data HBOGaf.

 

[neshcom]

I guess so, but that's comparing the HBO hack, which had a bunch of upcoming episodes and video data, versus the Sony hack, which has been remembered for damning 9and miniscule) documents/emails. The few bits of video from the Sony hack was production cuts, right? So probably very small. TV masters are HUGE.

If the HBO hack is mostly just production video, that'll get up in size incredibly fast.

 

[WhiteRabbitEXE]

this just in, high quality video is big

 

[hodayathink]

7 times the size of data means absolutely nothing. Two hours of uncompressed audio and video could easily be 1.5TB.

Why would the hackers actually download the uncompressed audio/video, though, especially if the compressed is already available (and I have a very hard time believing that they would be able to hack into whatever system stored the uncompressed audio/video and couldn't hack into the system that stored the streaming ready audio/video, which they would have available because of HBONOW/GO).

 

[Linkura]

1.5TB isn't shit for a company that size.

 

[Mimosa97]

The exfilitration of data over the course of days or longer wouldn't be seen as an "attack" over the course of days or longer. The transfer of a large amount of data to a single source (assuming they didn't exfiltrate to multiple destinations) can easily go undetected, even if the data was extiltrated as quickly as possible. If they went "low and slow," forget about it.

Mmmh thanks. Is it a common loophole in cybersecurity measures or is it that no one can detect when data is being exfiltered to an outside source if it's done relatively " slow " ?

 

[commedieu]

7 times the size of data means absolutely nothing. Two hours of uncompressed audio and video could easily be 1.5TB.

sure, but... I'm sure HBO would want to get in front of investors and say "It was just one uncompressed video the hackers got access to!" You have compressed edits of movies, good enough to pirate.

"The attack was sophisticated, insiders tell The Hollywood Reporter, targeting specific content and data housed in different locations, suggesting multiple points of entry. Even more chilling, there was no ransom demand, say sources, leaving the motive in question and raising the specter that video footage, internal documents or even email correspondence could be leaked."

So they likely went after vendors and likely something more damaging, than one 2 hour episode of something. Uncompressed.

200gb was enough to send waves through Sony. Depends on what the malicious data is, and it seems that this is malicious. Not just a LOL hack.

 

[kevin1025]

It's going to end up being all of the variants of the 4K uncompressed Game of Thrones titles.

 

[old]

Edit wrong thread

 

[snap]

"If not for video and sound, a corporation the size of HBO might fit [entirely] in a terabyte, including all the email and spreadsheets ever written or stored."

receipts.gif

Large companies use lots of data, a terabyte (even excluding video and audio) isn't that much.

sure, but... I'm sure HBO would want to get in front of investors and say "It was just one uncompressed video the hackers got access to!" You have compressed edits of movies, good enough to pirate.

"The attack was sophisticated, insiders tell The Hollywood Reporter, targeting specific content and data housed in different locations, suggesting multiple points of entry. Even more chilling, there was no ransom demand, say sources, leaving the motive in question and raising the specter that video footage, internal documents or even email correspondence could be leaked."

So they likely went after vendors and likely something more damaging, than one 2 hour episode of something. Uncompressed.

200gb was enough to send waves through Sony. Depends on what the malicious data is, and it seems that this is malicious. Not just a LOL hack.

Yeah but it was a 200GB archive of their main server, wasn't it? There haven't been any signs the HBO hack has anything juicy on that level, and if at least some of it is video, that's less of that 1.5TB to worry about.

 

[Marmaladefire]

It's not really that much if they have video, though I do think they got some personal info. It's not as bad for the company overall as the Sony leak in that sense, since those emails fucked them up. They didn't even get the shows people watch.

 

[Maximo]

Give us Game Of Thrones!

 

[ghostjoke]

Sorry.

Spoiler

Not Sorry..

 

[Vashetti]

It's going to end up being all of the variants of the 4K uncompressed Game of Thrones titles.

GoT is mastered in 2K.

 

[Linkura]

Depends on what the malicious data is, and it seems that this is malicious. Not just a LOL hack.

The size of the data hack isn't the main concern, but the article stupidly makes it out to be.

 

[jett]

1.5TB doesn't really seem to be that much to be honest.

 

[cubicle47b]

The spoilers for season 7 of Game of Thrones have been out for a long time so unless they got season 8 scripts that part of it was pointless.