[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

Who Is Bill Gates? (Full Documentary, 2020)

Here Is What Republican Voters Really Believe in. It's a Shame the GOP Has No Idea

guTTing america ... going back --- on Track

“The ElecTion is Over”... Trump HaTer Cindy McCain Trashes Arizona ElecTion AudiT ---“Ludicrous” (VIDEO)

DissidenT Episcopalians awarded $100 million worTh of property ... as U.S. Supreme CourT --- declines To Take up Fort WorTh case

Joe Biden needs to stop lying about the cause of the border crisis and start fixing it

George W. Bush says ... The Republican ParTy has a shoT aT fuTure elecTions if iT curbs --- iTs 'whiTe Anglo-Saxon ProTesTanTism' ( heriTage )

BREAKING EXCLUSIVE - TGP’s Jordan Conradson InTerviews AZ AudiT DirecTor Ken BenneTT — HUGE DEVELOPMENTS ... Including Plans To Triple OuTpuT --- QuesTions on Number of FraudulenT BalloTs (VIDEO)

Can Democrats Avoid a Wipeout in 2022?

Biden declares war on America -- literally

Former Trump assisTanT says ... 'freighT Train' of elecTion resulT audiTs coming --- 'The MAGA movemenT is demanding answers'

Tim Scott's 2024 Star Rises After Biden Rebuttal

“We Will Find MisTakes – IrregulariTies ... We Probably Are Going To Find OuTright Fraud” --- AZ GOP Chair Dr. Kelli Ward Give - UpdaTe on HisToric AudiT (VIDEO)

Australia security official warns nations are ‘beating drums’ of war amid Asia-Pacific tensions

Former Obama White House advisor Seth Andrew arrested, accused of stealing from charter school he founded

This is fo sucking funny ... Joe has no clue --- The dumbocrap leaders are in a hearT aTTack panic!!.

The voter suppression lie

War Room ... Rachel Maddow Is Worried abouT whaT AZ ElecTion AudiT will Find — She Knows Georgia Is NexT

Conspiracy Queen Rachel Maddow ... Panics Over --- ‘Dangerous’ Arizona Vote AudiT

‘True To iTs docTrine’ ... ConservaTives plan for a new church afTer UniTed MeThodism spliTs --- over homosexualiTy debaTe

Michael Eric Dyson - WhiTe People Can Help BLM ...by Holding RacisT RelaTives --- ‘To AccounT’ aT Thanksgiving

Derek Chauvin ... The GreaT --- WhiTe DefendanT

New Mexico state trooper executed by Mexican cartel member… Horrific Video

John Kerry in Earth Day wonderland

Democrats Are Cheaters

Derek Chauvin's FaTe ... Is Now in The Hands --- of The Jury

Fools' overture

Democrats Are Terrified of Georgia

Climate Media vs. Climate Science

Why We Black Leaders Support Voter ID Laws

Pelosi: ‘No Plans' to Bring a Court-Packing Bill to the House Floor – at This Time

B-1 Bombers Are Deploying To Norway For The First Time With An Eye On Nearby Russia And The Arctic

High School Coach Fired After Refusing To Enforce “Insane” Outdoor Masks During Sports

CNN Says Chinese-Style Fonts Are Racist

Gran Torino Denounced for Anti-Asian Racism

'It Is Still Not Safe To Go Outside,' Says Fauci's Head In A Jar In Year 2739

Biden Re-Ignites the Waco Fire

Over 500 White People Have Been Killed By Cops Since 2020. There Has Been No Rioting Over Those Deaths.

Buttigieg on Exaggerated Infrastructure Jobs Estimate: ‘I Should Have Been More Precise’

Videos - ChrisTians Tear Down MeTal Fences ... Denounce The Closure Of GraceLife Church --- Due To A COVID-19 ResTricTions

Pete BuTTigieg ... To evangelical vaccine hold-ouTs --- Maybe iT's parT of God's plan

TINHORN FLATS ... The Symbol of Modern Day America --- AgainsT Tyranny

This Trial is a ToTal sham ... The enTire power of The sTaTe - media - lefT-wing shock Troops - counTry's finesT legal TalenT ... is being deployed againsT Derek Chauvin.

A few billionaires currenTly have The power To decide ... ThaT some Americans’ speech righTs are more sacred Than oThers --- Clarence Thomas offers a remedy.

Biden Defense Secretary Orders Several “Immediate Actions” to Weed Out ‘Extremism’ in the Ranks

Target selling book that includes prayer to 'hate white people' in 'Religion' section

America is losing its religion — and the effects will be long-lasting

Conservative Grassroots Begin to Take Back Wisconsin

Ron DeSantis Is What the Post-Trump GOP Should Look Like

White House pushes back on conservative argument over Georgia, Colorado voting laws amid MLB dispute


Status: Not Logged In; Sign In

Business
See other Business Articles

Title: FBI Gives Hollywood Hacking Victims Surprising Advice: "Pay the Ransom"
Source: The Hollywood Reporter
URL Source: http://www.hollywoodreporter.com/ne ... sing-advice-pay-ransom-1001515
Published: May 12, 2017
Author: Tatiana Siegel
Post Date: 2017-05-12 13:29:08 by cranky
Keywords: None
Views: 1721
Comments: 8

Netflix isn't alone: Agencies and others are balancing demands for money against the fears of stolen data ending up online.

Phones are the lifeblood of a talent agency like UTA, but on April 11, its IT department discovered an intruder lurking in the voicemail system and computer network and quickly decided to shut them down, sending agents to conduct business on their iPads. Soon thereafter a demand from a hacker arrived: Pay a ransom or watch the agency's most confidential data get posted online.

It turns out UTA was lucky — an outside cybersecurity firm was brought in and, after conducting a forensic analysis, determined that nothing valuable had been pilfered. But the episode was one of at least a half-dozen extortion attempts against Hollywood firms over the past six months alone, say sources in the cybersecurity industry. Mirroring the audacity of the famed Bling Ring, the recent spate of strikes has left executives throughout the entertainment industry on edge, fearing that they — and all of their emails, contracts, celebrity addresses, banking information and salaries — might be the next Sony or Netflix, which saw 10 episodes of the upcoming season of Orange Is the New Black posted to The Pirate Bay six weeks ahead of the series' June 9 launch.

Others targeted with extortion plots include ICM and WME, the latter more significantly. Says USC cybercrime expert Michael Orosz: "A hacker breaks in through various means, steals data and then holds the company over the barrel. This is becoming more and more common because it's easy to do. It's basically low-hanging fruit."

The frequency of the attacks has overwhelmed the FBI's Los Angeles field office, which has been unable to properly investigate all of them. The FBI's surprising advice, according to industry sources: Pay the ransom. After all, the hackers aren't asking much more than a Cannes hotel tab. In all of the Hollywood extortion cases, the hackers demanded less than $80,000. A law enforcement source says that in California, losses would need to exceed $50,000 for the U.S. Attorney's office to prosecute, thus keeping the FBI from pursuing most of these cases.

But an FBI spokesperson in the L.A. office denied that the agency is telling companies to cough up the bitcoins in cases of ransomware. "The FBI does not encourage payment of ransom as it keeps the criminals in business," says Laura Eimiller. "Of course, the individual victim must weigh their options."

"If your system is wiped and you didn't pay, then there's no way to recover it and you basically shut down your entire business, so the FBI will say it's easier to pay it than it is to try to fight to get it back," says Hemanshu Nigam, a former federal prosecutor of online crime in L.A. and onetime chief security officer for News Corp. "And if one company pays the ransom, the entire hacking community knows about it."

So far, at least one Hollywood company has paid the ransom, according to a source. Others are waiting to see if anything valuable was taken, something not evident unless a victim runs a forensic analysis, which typically costs far more than the ransom demand.

Netflix recently learned the consequences of not paying. Sometime in late 2016, a hacker collective known as TheDarkOverlord breached the network of postproduction facility Larson Studios and made off with a trove of unaired shows including Orange Is the New Black, CBS' NCIS: Los Angeles, Fox's New Girl and IFC's Portlandia. It wasn't until late January that the FBI began to contact the affected parties, which also included ABC, NBC, FX, National Geographic, E!, Disney Channel and Lifetime, to let them know the agency was investigating a possible hack and that their property may have been stolen. But more than a month passed without incident, eliciting relief from the networks. Then, in March, TheDarkOverlord made its first overture to the victims, demanding a ransom of 50 bitcoin (roughly $60,000) by an April 30 deadline or else the content would be released.

Netflix never responded to TheDarkOverlord, and two days before the deadline, the hackers posted on Twitter, "To those of you carefully watching this feed, allow the events that are but mere moments away to influence your choises [sic]." Twenty minutes later, the account tweeted a link to download the first episode of season five of Orange Is the New Black on Pirate Bay.

THR has been in contact with TheDarkOverlord, who said more content will be released because none of the affected parties has paid the ransom. "We're motivated by our desire to acquire internet money," TheDarkOverlord told THR via an encrypted conversation in a private chat room. "Contrary to what others have declared, we're motivated only by the benefit of financial gain." The group would not say whether it had infiltrated other Hollywood entities.

Although more than two years have passed since the epic Sony hack, the phenomenon appears to be alive and well in Hollywood, albeit barely reported. TheDarkOverlord hit might be the first breach since Sony to generate headlines, but that doesn't mean the problem is rare or insignificant. One source, who declined to be named because it would violate a confidentiality agreement, called hacking one of the biggest threats facing the industry.

That's partly because few appreciate the scope of the problem. After all, Hollywood is an interconnected ecosystem, where valuable and confidential data is uploaded or shared with partners at a wide variety of organizations that in turn have varying degrees of security, says Orosz. A studio may have a solid firewall, but what about the management company it negotiates deals with, or the law firm or the publicity outfit? Last year, a hacker posing as an Interscope executive convinced a record label and management company to send copies of Lady Gaga's master audio files, according to The New York Times. (Lady Gaga's reps did not respond to a request for comment.)

Netflix probably has the resources and in-house expertise to thwart a network intruder, but few third-party vendors can match the tech brawn of a multibillion-dollar corporate giant. "Part of being data-security responsible is understanding that there's a supply chain," explains Orosz, "and everybody collectively needs to do their part to ensure that they are not the weakest link."

Privately, many of the networks victimized by TheDarkOverlord hack were quick to point fingers at Larson Studios, a postproduction facility widely used by television shows. In its only public statement on the matter, Netflix deflected blame to Larson: "A production vendor used by several major TV studios had its security compromised, and the appropriate law enforcement authorities are involved."

Experts say UTA handled its attack correctly, moving swiftly to contain the threat by getting everyone off their devices to prevent the malware from spreading. "To me, it's the first time that I actually saw an amazingly positive sign that these agencies are realizing the risks of cyberattacks in how badly it can hit their bottom line and their reputation," says Nigam. "Watching what UTA did was something that people should pay a lot of attention to in terms of this is a good example of how you respond to an attack."

The fact is, the next major breach likely has already occurred. Often the first time a company learns it has been hacked is with the arrival of a ransom note, and that can be long after its data is stolen. Hackers, typically located in foreign countries, are constantly sweeping for data, and it may take weeks or months for them to examine a cache and realize what they have.

TheDarkOverlord sees itself as a professional venture, not unlike the Hollywood companies it is trying to extort. "We're a professional business entity, and we behave as such," TheDarkOverlord told THR. "We're in this racket to create mutually beneficial long-term business relationships. A majority of our clients find our services very beneficial."

The group didn't clarify what it means by "clients," but it seems to imply that it offered investors a black market opportunity to share the profits from its extortion plots. A Times report linked the group to extortion against entities including an investment bank, a glue manufacturer, health care providers and a cancer charity.

But there are a lot of people out there who are especially interested in messing with Hollywood. At Sundance in January, hackers launched a DDoS attack that shut down the box office. Around the same time, a separate but likely related attack is believed to have disrupted Wi-Fi service for nearly all of Park City's Main Street businesses, bringing many festival events to a standstill. The FBI never confirmed whether it was investigating, telling THR that it had no update beyond that it was reviewing the incident.

"Technology continues to march at an unrelenting pace, and things are becoming much more sophisticated. What has resulted is we humans start to lose track of the environment that we are all interfacing with," says Orosz. "Hollywood is fast-paced, but no matter how fast or critical your timelines, part of that responsibility is taking care of your data security. So far, it doesn't appear to be costing business too much, but it will."

Click for Full Text!

Post Comment   Private Reply   Ignore Thread  


TopPage UpFull ThreadPage DownBottom/Latest

#1. To: cranky (#0)

Others targeted with extortion plots include ICM and WME, the latter more significantly. Says USC cybercrime expert Michael Orosz: "A hacker breaks in through various means, steals data and then holds the company over the barrel. This is becoming more and more common because it's easy to do. It's basically low-hanging fruit."

This is falling off a log stoopid. ANY company with confidential client data or valuable data like a unseen season of a popular show on file is a fool if it is on file on any computer with a modem.

If your computer has no modem,there is no way it can be hacked into by outside sources.

I have a friend with a small auto repair shop,and even he keeps all his receipts,work files,and finances related to his business on a small computer he bought to use SOLELY for storing that information securely. It has never been hooked to a phone line since he took it out of the box new,and it will never be connected to a phone line as long as he owns it. He backs up the data every month on a portable hard drive,and stores that separetely.

He had grief with the IRS a number of years ago and because of inadequate records he had to pay fines on projected income he hadn't earned,and that will never happen to him again.

In the entire history of the world,the only nations that had to build walls to keep their own citizens from leaving were those with leftist governments.

sneakypete  posted on  2017-05-12   14:30:15 ET  Reply   Trace   Private Reply  


#2. To: sneakypete (#1)

If your computer has no modem,there is no way it can be hacked into by outside sources.

Not really.

It was done by the commies back in the late sixties/early seventies when they 'broke into' (as we said back then) a dod ibm 360 mainframe (a 360/60, iirc) by renting a room in an office building facing the side of the pentagon where the cpc was. Then they aimed a device capable of picking up the blocks of bits and bytes that were flowing down the fifty-eight pair bus and tag type channel cables.

The solution was to lead line the walls of the pentagon, I was told.

An israeli ibm computer was broken into back in the sixties by someone who somehow managed to get a tape jockey in the data center to mount a 3420 tape.

In the ibm operating systems I'm familiar with, there are three ways to get work into the system: the mount command, the logon command and the start command, none of which need any network connectivity and all should be tightly controlled by a security system (racf, top secret or acf2, when last I heard).

cranky  posted on  2017-05-12   15:17:55 ET  Reply   Trace   Private Reply  


#3. To: sneakypete (#1)

This is falling off a log stoopid. ANY company with confidential client data or valuable data like a unseen season of a popular show on file is a fool if it is on file on any computer with a modem.

Certainly for entertainment production outfits, there is a need to circulate confidential production material for various reasons, which is/was not applicable in your friends case.

Pinguinite  posted on  2017-05-12   15:36:05 ET  Reply   Trace   Private Reply  


#4. To: cranky (#2)

I am sure all that is true,but all of it required efforts nobody is going to make to get into your home computer to steal your passwords. Especially if the home computer is shut down and password protected by a strong password.

In short,anyone who doesn't keep their financial records and other sensitive data on a device that has no connectivity with any other electronic device that broadcasts or receives electronic signals is a fool.

I still have a hard time believing all these people I see with smart phones making cash transfers using their phones with no more security than the tiny anti-software programs designed for cell phones.

In the entire history of the world,the only nations that had to build walls to keep their own citizens from leaving were those with leftist governments.

sneakypete  posted on  2017-05-12   16:53:08 ET  Reply   Trace   Private Reply  


#5. To: Pinguinite (#3)

Certainly for entertainment production outfits, there is a need to circulate confidential production material for various reasons, which is/was not applicable in your friends case.

Well,we all know and accept the basic truth that there is no such thing as a secure secret if two people know it. Still,there is no need for them to keep this stuff stored in computers with web links. For example,they can make dvd copies to use away from the "shop" if necessary,and restrict who is able to access them.

There is no such thing as a completely secure system that involves more than 1 person,though.

In the entire history of the world,the only nations that had to build walls to keep their own citizens from leaving were those with leftist governments.

sneakypete  posted on  2017-05-12   16:56:09 ET  Reply   Trace   Private Reply  


#6. To: sneakypete (#4)

Especially if the home computer is shut down and password protected by a strong password.

That's a good start.

But at the very least, I'd encrypt my hard drive(s) and i don't keep any user data on the c drive.

cranky  posted on  2017-05-12   20:48:59 ET  Reply   Trace   Private Reply  


#7. To: cranky (#6)

But at the very least, I'd encrypt my hard drive(s) and i don't keep any user data on the c drive.

Smart move. If you have business information or something else that critical and sensitive you may want to put it on removable hard drives and then lock them in a safe.

All I have on mine is stuff that isn't worth anyone's time,so I'm satisfied with my security.

In the entire history of the world,the only nations that had to build walls to keep their own citizens from leaving were those with leftist governments.

sneakypete  posted on  2017-05-13   10:37:19 ET  Reply   Trace   Private Reply  


#8. To: sneakypete (#7)

All I have on mine is stuff that isn't worth anyone's time,so I'm satisfied with my security.

My data is only valuable to me, also.

But i still go through a vpn and firewall to access the net and mirror the stuff i want to keep real time, back it up offline and wipe it off my d drive.

cranky  posted on  2017-05-13   11:39:58 ET  Reply   Trace   Private Reply  


TopPage UpFull ThreadPage DownBottom/Latest

[Home]  [Headlines]  [Latest Articles]  [Latest Comments]  [Post]  [Mail]  [Sign-in]  [Setup]  [Help]  [Register] 

Please report web page problems, questions and comments to webmaster@libertysflame.com