sb-as logo
Story image

Epic hacker fail: An exclusive look at the Netflix hack with ESET

04 May 2017

This week news broke of a hacker’s bold attempts to extort Netflix for ransom, after they claimed to release several episodes of the popular TV series Orange is the New Black.

We had a quick chat with ESET’s senior research fellow Nick Fitzgerald for an expert's perspective on what the Netflix hack means for the future of streaming networks - will it see the downfall of some of the world’s most powerful legal streaming websites?

“Predicting the directions cybercriminals will turn next is a pretty thankless task, but whether we see this kind of thing happen more in future will depend on how victims react,” he says.

In the Netflix example, they didn’t pay the ransom - so at least the hackers didn’t get rich for their efforts. While promising, it doesn’t necessarily mean other streaming networks will do the same. 

“The cybercriminals behind this leak claim to also have other unreleased content. If any of that is for release on more traditional broadcast media, the content owner or broadcaster may be more likely to pay up,” he explains.

He points out that the 2014 Sony Pictures hack is another example of how hackers try to control media releases - in that instance the hacker tried to prevent the release of ‘The Interview’ by threatening to release confidential data.

Both the Sony and Netflix hack are examples of what Fitzgerald calls ‘doxware’ - in which hackers hold sensitive data hostage until the victim pays the ransom. It’s similar to ransomware but it goes a step further by hacking and threatening to release confidential data.

“When potentially dox’ing a movie or TV studio, it might seem obvious to target unreleased content, but as this case shows, Netflix’s distribution model may mean that such content is not such an effective target,” he says.

The Sony hack used traditional doxing methods because the hacker released some of the information to prove they were serious.

“Sometimes, more material is released if the ransom demand is not met. This happened in the Sony Pictures case, as it did in the Ashley Madison hack, where the victim company also did not accede to the attacker’s demands and their entire user database was released,” he points out.

So with companies such as Netflix offering cheap and high-quality films and TV series against the deluge of torrent sites that distribute malware-filled copies, does this mean that a lack of interest in the leaked episodes be a good or a bad thing for piracy?

FitzGerald cites stats from Sandvine, which found that between 2011 and 2016 BitTorrent’s share of daily internet traffic in North America dropped from 23% to less than 5%.

“To me, Netflix’s unwillingness to pay the ransom, and the subsequent lack of outrage over the leak, cements the newfound power of streaming services over pirated content,” he says.

He adds that although 10 out of the 13 episodes of Orange Is The New Black have been leaked, Netflix will officially release the series in the next month.

Die-hard TV and movie pirates will no doubt be happy, but will novice pirates go to the trouble of locating and downloading this content? Given the reputation of torrented content as a hotbed of malware and other nasties, probably not,” he says.

He understands that the leaked episodes are only in 720p, have audio errors and image quality issues.

“Netflix will be releasing it in full 4K HDR – I know which I’d prefer to watch!”

Story image
Over half of ransomware victims pay up - but does it work?
"Handing over money doesn’t guarantee the return of data, and only encourages cybercriminals to continue the practice."More
Story image
Egnyte ensures greater security across Microsoft 365 with latest integrations
The new integrations are aimed at helping mid-sized organisations prevent data loss, address a growing number of regional privacy regulations, and simplify the overall management of content with minimal administrative overhead.More
Story image
Five things ANZ businesses should know about storing customers’ data
Businesses need to correlate events intelligently across multiple threat surfaces, application layers, and time spans to connect event A, to event B, to event C — even if they are months apart.More
Story image
ABB and Nozomi Networks extend collaboration, deliver improved OT security solutions
"With Nozomi Networks solutions added to our cybersecurity portfolio, our customers gain proven network monitoring and threat detection technology."More
Story image
Dell Technologies unveils new data protection innovations for hybrid cloud workloads
The Dell EMC PowerProtect Backup Service, powered by Druva, is designed to deliver SaaS app protection without increasing IT complexity.More
Story image
AvePoint brings Salesforce Cloud Backup to channel partners
The product adds to the AvePoint suite of trusted Cloud Backup for Microsoft 365 and Dynamics 365 to provide managed service providers with backup and restore capabilities across multiple, popular SaaS providers.More