Over the weekend we learned a lot more about the recent cyber attack against Netflix. A vendor to Netflix was compromised by a hacking group who call themselves TheDarkOverlord.
In process copies of the show Orange is the New Black were stolen from a post-production house that was doing dialog and color adjustment for the show. TheDarkOverlord threatened to leak the stolen content unless Nextflix paid a ransom. Netflix refused and episodes of Orange is the New Black’s upcoming season were uploaded to The Pirate Bay.
This video from ABC News provides a good overview of the situation:
Studios Are Frequent Targets of Cyber Attack
Here’s the situation. This is a garden variety cyber attack. In fact, many companies are victims of these types of attacks and choose to pay off the attackers. But they could have saved themselves the trouble and prevented – or at least minimized – the attacks by using proper internal security controls.
In many cases, the extortionists are seeking a payment that is actually less than the cost of the security solution that could block the attacks. The core reason this happens is because security products that could interrupt intruders are often considered to be an inconvenience for users. And there is no tolerance for even a minor amount of inconvenience at many companies. Consequently, they subject their customers and shareholders to unlimited liability.
The problem of cyber intruders stealing intellectual property from studios has been going on a long time. These companies would be wise to take the necessary steps to secure their valuable content.