HBO doesn’t negotiate with hackers
“That’s a game we’re not going to participate in”. Unfortunately, HBO executives may learn they don’t have a choice but to play along. The entertainment giant has become the latest victim of high-profile cybercrime- proving that attacks happen to companies of all sizes and industries. In what the hackers themselves are calling “the greatest leak in cyber space era”, around 1.5 terabytes of HBO data has been exfiltrated and held ransom. When HBO made it clear they weren’t going to pay up, the hackers uploaded portions of the data to the web, and for a period of time, unaired episodes of shows like Game of Thrones, Curb Your Enthusiasm, and Bill Hader’s new comedy Barry- that isn’t expected until 2018- were available online.
HBO has tried to contain the amount of media attention surrounding this breach, and claims to not be in communication with the hackers. Though they weren’t willing to pay a ransom (never the best option), they did offer a substantial “reward” to the hackers for revealing vulnerabilities in their network of about $200,000. Whether the offer was sarcastic or not, the hackers ignored it, and demanded their originally stated ransom of over $7 million. There’s no question that HBO will increase attention and spending on cybersecurity in the future, and will focus on preventing incidents rather than responding to them.
If you read the news, you understand that something isn’t working…
· “HBO hacking woes continue: this time on social media”:
· “Most Chipotle restaurants hacked with credit card stealing malware":
· “Massive Phishing Attack Targets Gmail Users”:
· “SECURITY NEWS THIS WEEK: ONELOGIN HAD ONE VERY BAD BREACH":
· “Verizon data breach: 14 million customers reportedly exposed":
· “Security Breach at OU Exposes Thousands of Students’ Data”:
The sheer number of recent headlines about major data breeches is a clear indicator that traditional approaches to cybersecurity aren’t working. Every one of these headlines are from 2017- which we are barely halfway through. The increase in cybersecurity spending doesn’t explain why cybercrime costs are continuing to skyrocket. Obviously, something isn’t quite working…
Relying on traditional signature databases and using hash-based antivirus software heavily impacts system performance, and only prevents 60-70% of malware. Meanwhile, next generation AV solutions that use artificial intelligence and machine learning to quarantine threats barely impact performance, and stop 99% of malware. The future of cybersecurity is here, perhaps ahead of the market. Luckily, SIM2K is aware of this and became a proud partner of Cylance- bringing artificial intelligence backed malware protection to small-medium businesses throughout Indiana.
The kid who diffused the WannaCry bomb is arrested by the FBI
Marcus Hutchins was considered a hero just a couple months ago when he killed a global ransomware variant that was spreading internationally. But after attending the DEF CON cybersecurity conference in Las Vegas last week, he was arrested by the FBI on charges of cybercrime- particularly for his alleged role in creating and deploying the Kronos banking Trojan. This Trojan stole online banking credentials and then used them to commit fraud, and was available for sale sometime in 2015 on the dark web marketplace Alphabay. The site was recently seized by the FBI, and could contain data linking Hutchins to the Kronos Malware.
Hutchins is definitely an interesting person. He was just 22 years old when he inadvertently activated a kill switch that stopped the spread of WannaCry. Hiding behind his Twitter alias MalwareTech, reporters made great efforts to finally reveal his identity. Once this happened, the media barraged Hutchins’ home, who still lived with his parents. Interview requests, job offers and minor celebrity is what followed, landing him in the global spotlight. One company rewarded the young man $10,000 for putting an end to the virus. What did he do with the money? Hutchins donated it, specifically to charities that help get computer technology books in the hands of less privileged children. He has made it clear both verbally and through his actions that he isn’t focused on fame or money- which make the charges brought against him even more perplexing.
Tom X McShane
Check back next Thursday!