The New Ransom Target: Entertainment Files. Who Is The Next Phishing Victim?

Remember the James Bond movie Goldfinger? It was based on Ian Fleming's seventh novel, which first featured the timeless quote: "Once is happenstance, twice is coincidence, the third time it's enemy action". - Auric Goldfinger

Lady GagaFirst, A few months ago, very much under the radar, attackers used spoofed emails to impersonate an executive of Interscope Records, the record label owned by Universal Music Group.

This CEO fraud targeted two music-related businesses: September Management, and Cherrytree Music Company, and social engineered employees to send them Lady Gaga’s stem files — which are the files used by music engineers and producers for remixing and remastering.

Using tried-and-true tradecraft, the bad guys figured out that high-profile entertainment targets are supported by an ecosystem of softer targets which do not have the same resources and security technology. Remember that Target was hacked via their HVAC contractor?

Next, last month criminal hackers leaked unreleased episodes of “Orange Is the New Black” after they penetrated Larson Studios, one of Netflix' postproduction partners,  and unsuccessfully tried to extort Netflix. They demanded a ransom of 30 bitcoins, now roughly $60,000.

A source from inside the industry told me that there are at least 50 other titles that have been exfiltrated, belonging to Larson’s other clients, including ABC, Fox, National Geographic and IFC.

Dark Overloard Tweet

Third, news broke that Disney got pwned and Pirates got pirated. Their CEO Bob Iger warned that hackers are holding the unreleased copy of “Pirates of the Caribbean” movie. The hackers are demanding a massive amount of ransom in Bitcoin and threaten to release the movie if their demands are not met.

No Intent To Pay

For now, for as far as we know, Hollywood studios have presented a united front and stated they have no intention of paying any ransom — assumed to be a business decision based on a risk assessment how much they might lose in revenue and viewers — despite a “handsome business proposal” by the hackers: Pay a ransom, or see files deleted, sold or published online.

So, Who Is Next?

Losing a movie file that cost 200 million to make is obviously a disaster, but a release through torrent still only reaches a small part of the net, and mostly people who might not cough up the money to see the movie in the first place.

But what of the crown jewels in your own organization? If those would be sold to the competition in China who then bring your product to market for 30% of your price, that would mean massive losses. This has been happening numerous times. And in most of the cases, it was done through spear phishing attacks using social engineering

Your Employees  Are Your Last Line Of Defense

Bad guys go for the low-hanging fruit. If you want to spend less time putting out fires, get more time to be proactive, and get the things done you know need to be done, step employees through effective security awareness training. It will help you prevent this kind of disaster or at least make it very hard for the bad guys to social engineer employees. Find out how affordable this is for your organization:

Get A Quote Now

PS, don't like to click on redirected buttons? Cut & paste this link in your browser:


Topics: Spear Phishing

Subscribe To Our Blog

Anti-Phishing Guide ebook

Get the latest about social engineering

Subscribe to CyberheistNews