Skip to main content
  1. Home
  2. Entertainment
  3. Features

How did HBO get hacked? A cyber security expert has two theories

Keith Nelson Jr.
By

game of thrones
Helen Sloan/HBO
Hackers recently absconded with 1.5 terabytes of data from HBO, and have since leaked unaired episodes of Ballers, Room 104, and Game of ThronesHBO says it has been looking into the hack since it was discovered, but few conclusive details are known. So Digital Trends sought answers; we asked a cybersecurity expert exactly how the HBO hack could have happened.

The answers aren’t pretty.

Roderick Jones is the founder of cybersecurity and privacy firm Rubica, and has been involved in cybersecurity for more than 15 years. Before he was helping Ashton Kutcher keep his data secure, he was a member of Scotland Yard’s Special Branch focusing on international counterterrorism. The cyberattacks he dealt with during his time on Special Branch are classified, but Jones does say he was involved with protecting a prominent British cabinet member.

Roderick Jones Image used with permission by copyright holder

“The entertainment industry is probably five or six years behind where it needs to be,” Jones told us. He claims one movie studio had no cybersecurity before he helped out, following the massive Sony Pictures hack in 2014. The damage these hacks can cause are no joke — but the entertainment industry’s security is laughable.

Related

Jones says hackers are usually in a system for months and believes the HBO situation may have followed the same pattern. Here’s how the biggest hack in HBO history probably happened.

H-B-Old

Jones’s primary theory: The entire hack was possible because HBO uses old tech to house its content. “The Wannacry attack, the ransomware that kind of shut down the health service in Britain? That was targeted at an old Windows system,” Jones said. “That has created a vulnerability for HBO. I would say that’s probably a certainty, because that’s where the weaknesses are.”

“The entertainment industry is probably five or six years behind where it needs to be.”

Windows has been a gateway for hackers to enter the entertainment industry’s computer systems as of late. The malware used in the infamous 2014 hack of Sony Pictures targeted and manipulated Windows management tools.

And Netflix lost 10 episodes from Orange Is The New Black‘s fifth season this year because the episodes were on servers running Windows 7. Larson Studios, the post-production company that was hacked, claims the perps weren’t even looking for the show, just computers running Windows.

After the first four episodes of Game of Thrones’ fifth season leaked before the season premiere in 2015, HBO announced it would have critics stream advance episodes online, instead of the company sending DVDs. Stopping opportunistic TV critics is one thing, but preventing sophisticated hackers from entering your system is more complicated for entertainment companies.

Image used with permission by copyright holder

“People think you can just flick a switch and say ‘oh, I’ll have cybersecurity.’ It just doesn’t work like that, because the machines they have running all of this content are going to be legacy systems. You just can’t do it overnight,” said Jones.

This is when things could get personal.

If it wasn’t Windows, it was this

Jones’s secondary theory is the hackers targeted individual employees. Even if HBO keeps all of its files and internal documents behind heavily encrypted security, it likely doesn’t extend that level of security to each individual employee.

The damage these hacks can cause are no joke, yet the entertainment industry’s security is laughable.

“If you’re a senior executive at one of these companies you probably have some security when you’re sitting in the office at the company. But not when you go home,” Jones asserted. “The hackers understand, ‘I’ll just wait for you to go home. Or I’ll wait until you get a cup of coffee from around the corner of the movie studio.'”

This method of attack could be the culprit; Variety reported hackers appear to have accessed the personal info of an HBO senior executive. Some of the information stolen may have given the hackers access to the executive’s work email, according to reports.

Jones said that very access could do HBO exponentially worse damage than leaked Game of Thrones episodes. “The financial damage is not through leaked episodes of Games of Thrones. It’s through details, emails between staff, all of the mechanics of the business.”

Trouble ahead

Verizon acquired Yahoo earlier this year for $350 million less than originally reported, following a disclosure by Yahoo that 32 million email accounts were hacked. AT&T agreed to acquire HBO parent company Time Warner for $85.4 billion in October 2016. With a Department of Justice investigation slowing the deal’s finalization, this hack could lead to AT&T lowering its offer or even potentially walking away from the deal. Entertainment deals are big business, in other words — and hacking is having a big effect on them.

Sony had 200 gigabytes of data stolen in 2014, and thousands of incriminating emails were released, including racially insensitive messages from Amy Pascal, co-chair of Sony Pictures Entertainment. Pascal resigned as head of Sony Pictures shortly after the emails became public. This time, hackers have obtained nearly six times as much data from HBO and are preparing to leak information every week.

If history repeats itself, HBO may never be the same again. Winter really is here.

Editors' Recommendations

Topics
Keith Nelson Jr.
Keith Nelson Jr.
Former Digital Trends Contributor
Keith Nelson Jr is a music/tech journalist making big pictures by connecting dots. Born and raised in Brooklyn, NY he…
HBO Max releases new House of the Dragon character images
Alicent Hightower looking distressed in House of the Dragon.

Game of Thrones may have left some fans with mixed feelings following its final episode in 2019. Regardless, it was easily the most influential fantasy TV series of the last decade. And this summer, HBO Max is revisiting George R.R. Martin's A Song of Ice and Fire with a new prequel series, House of the Dragon. HBO Max has finally set a premiere date for the show of August 21. But considering that this an all-new cast of characters, some introductions need to be made.

That's why HBO Max has released several new pictures from the series, with background information about the pictured characters. Some of the names may seem familiar, since they were legends by the time of GoT. But in House of the Dragon, they are living people with flaws and insatiable appetites for power.

Read more
Tesla factories’ security cameras caught up in wider hack
Tesla Gigafactory

A Silicon Valley startup offering cloud-based security camera services has had its systems breached in an attack that gave hackers access to numerous live feeds, some of them coming from Tesla factories.

Verkada, which launched in 2016, had around 150,000 of its cameras hacked, with many of the devices installed in hospitals, schools, police departments, prisons, and companies that besides Tesla also included software provider Cloudflare, according to a Bloomberg report on Tuesday, March 9.

Read more
The Naomi Watts-led Game of Thrones prequel is dead at HBO
naomi watts

In a plot twist worthy of Game of Thrones itself, HBO has decided not to move forward with the Game of Thrones prequel starring two-time Oscar nominee Naomi Watts.

Jane Goldman, showrunner on the series, emailed cast and crew to tell them that the show was no longer happening, Deadline reports. The prequel series was expected to launch sometime in 2021. We've contacted HBO to confirm the show's cancellation and will update this story if we hear back.

Read more