According to US media reports, the HBO hack at the beginning of this month is turning out to be more than the initially suggested leaks of a few unaired TV show episodes.
One Variety report said that a "security company [IP Echelon] hired by HBO to scrub search results for the hacked files from search engines has told Google that the hackers stole thousands of Home Box Office (HBO) internal company documents." A total of 1.5 terabytes of data may have been stolen.
Another aspect - that the hackers seem to have also leaked personal information of a senior HBO executive - brings back shades of the Sony attack in 2014. Experts suggest that access to the executive's work information may have been made possible by the hackers gaining access to at least one subscription or personal login account.
While HBO is working with law enforcement and private companies and there is "an ongoing investigation," local digital security experts told Computerworld Malaysia that this latest attack already presents a mix of old and new lessons for Malaysian IT and business leaders.
Computerworld Malaysia first turned to national digital security agency CyberSecurity Malaysia's chief executive officer Dato' Dr Amirudin Abdul Wahab, who confirmed that the agency - through MyCERT - "is monitoring the situation as usual and so far no reports of any similar breaches have been filed in Malaysia [as of 2pm MYT, 3 August 2017]." Members of the public are advised to report suspected incidents to MyCERT for further advice and support (see Appendix).
What should have been in place?
"Looking at the magnitude of this hacking incident, I personally doubt that the hacking activities were only confined to online hacking. There would have been sequences or combinations of internal corroboration and physical intrusions," said former white hat hacker turned financial digital security consultant, LGMS director Fong Choong Fook, one of two digital security specialists that Computerworld Malaysia turned to for comments.
"Unless of course, if HBO indeed stores all of their media content and Intellectual Properties (IP) on a network, without having strong access controls and data encryption," said Fong, adding that "this is just purely my speculative opinion: if what happened in Sony (back in 2014) did not teach the media industry a lesson about IP protection, probably nothing will."
"At the very outset, sensitive or valuable data should have been protected via encryption and strong access controls," he emphasised. "Something HBO (or any other organisation) can and should be doing is running regular security assessment and audits. I don't mean a 'checklist type' of audit, but a more thorough and in-depth type of exercise such as Compromise Assessment, Threat analysis, and penetration testing."
Commenting on the possibility that a breach may have been effected through a shared password, Fong said: "Password sharing is one of the biggest no-nos in any form of security hygiene. However, this is still an unconfirmed possibility - personally, I think there could be more factors behind the HBO compromise."
IT security and forensics specialist Krishna Rajagopal agreed. "The fact that the HBO incident indicates multiple points of entry and with specific content in target, indicates a complicated attack. And it seems that the perpetrators were after fame rather than money in this case."
"Generally hackers these days have different things that 'tick' them," Rajagopal said. "Some are after money, and some are after fame."