
Epic hacker fail: An exclusive look at the Netflix hack with ESET

04 May 2017

This week news broke of a hacker’s bold attempts to extort Netflix for ransom, after they claimed to have released several episodes of the popular TV series Orange is the New Black.

We had a quick chat with ESET’s senior research fellow Nick FitzGerald for an expert’s perspective on what the Netflix hack means for the future of streaming networks - will it see the downfall of some of the world’s most powerful legal streaming websites?

“Predicting the directions cybercriminals will turn next is a pretty thankless task, but whether we see this kind of thing happen more in future will depend on how victims react,” he says.

In the Netflix example, the company didn’t pay the ransom - so at least the hackers didn’t get rich for their efforts. While promising, it doesn’t necessarily mean other streaming networks will do the same.

“The cybercriminals behind this leak claim to also have other unreleased content. If any of that is for release on more traditional broadcast media, the content owner or broadcaster may be more likely to pay up,” he explains.

He points out that the 2014 Sony Pictures hack is another example of how hackers try to control media releases - in that instance the hacker tried to prevent the release of ‘The Interview’ by threatening to release confidential data.

Both the Sony and Netflix hacks are examples of what FitzGerald calls ‘doxware’ - in which hackers hold sensitive data hostage until the victim pays the ransom. It’s similar to ransomware but it goes a step further by hacking and threatening to release confidential data.

“When potentially dox’ing a movie or TV studio, it might seem obvious to target unreleased content, but as this case shows, Netflix’s distribution model may mean that such content is not such an effective target,” he says.

The Sony hack used traditional doxing methods because the hacker released some of the information to prove they were serious.

“Sometimes, more material is released if the ransom demand is not met. This happened in the Sony Pictures case, as it did in the Ashley Madison hack, where the victim company also did not accede to the attacker’s demands and their entire user database was released,” he points out.

So with companies such as Netflix offering cheap and high-quality films and TV series against the deluge of torrent sites that distribute malware-filled copies, is a lack of interest in the leaked episodes a good or a bad thing for piracy?

FitzGerald cites stats from Sandvine, which found that between 2011 and 2016 BitTorrent’s share of daily internet traffic in North America dropped from 23% to less than 5%.

“To me, Netflix’s unwillingness to pay the ransom, and the subsequent lack of outrage over the leak, cements the newfound power of streaming services over pirated content,” he says.

He adds that although 10 out of the 13 episodes of Orange Is The New Black have been leaked, Netflix will officially release the series in the next month.

“Die-hard TV and movie pirates will no doubt be happy, but will novice pirates go to the trouble of locating and downloading this content? Given the reputation of torrented content as a hotbed of malware and other nasties, probably not,” he says.

He understands that the leaked episodes are only in 720p and have audio errors and image quality issues.

“Netflix will be releasing it in full 4K HDR – I know which I’d prefer to watch!”
