Posts Tagged ‘hackers’

Hackers could get even nastier in 2018: researchers

November 29, 2017

AFP

© AFP/File | Report by the security firm McAfee said hackers will develop new strategies in 2018 and target connected devices which offer less security than computers and smartphones

WASHINGTON (AFP) – After a year marked by devastating cyber attacks and breaches, online attackers are expected to become even more destructive in 2018, security researchers said Wednesday.A report by the security firm McAfee said the ransomware outbreaks of 2017 offer just a taste of what’s to come as hackers develop new strategies and “business models.”

McAfee researchers said that as ransomware profitability fades in the face of new defenses, hackers will turn to new kinds of attacks that could involve damage or disruption of computers and networks.

Attackers will also look to target wealthy individuals and aim at connected devices which offer less security than computers and smartphones.

“The evolution of ransomware in 2017 should remind us of how aggressively a threat can reinvent itself as attackers dramatically innovate and adjust to the successful efforts of defenders,” said Steve Grobman, McAfee’s chief technology officer.

McAfee also predicted wider use of cyber attacks “as a service,” allowing more hackers for hire to have an impact.

Raj Samani, chief scientist at McAfee, said the events of 2017 showed how easy it is to commercialize hacking services.

“Such attacks could be sold to parties seeking to paralyze national, political and business rivals,” Samani said.

McAfee’s 2018 Threats Predictions Report also said privacy is likely to be eroded further as consumer data — including data involving children — is gathered and marketed by device makers.

“Connected home device manufacturers and service providers will seek to overcome thin profit margins by gathering more of our personal data — with or without our agreement — turning the home into a corporate store front,” the McAfee report said.

The report said parents “will become aware of notable corporate abuses of digital content generated by children,” as part of this effort to boost profitability.

McAfee said it expects some impact for the May 2018 implementation of the European Union’s General Data Protection Regulation, which limits how data is used and sold and which would affect companies with operations in the EU.

The GDPR regulation “makes 2018 a critical year for establishing how responsible businesses can pre-empt these issues, respecting users’ privacy, responsibly using consumer data and content to enhance services, and setting limits on how long they can hold the data,” said McAfee vice president Vincent Weafer.

Advertisements

Kenyan opposition cries foul ahead of new presidential vote

October 25, 2017

AFP

 

© Patrick Meinhardt, AFP | Jubilee ruling party supporters in Nairobi celebrate the Supreme Court’s decision to proceed with the re-run of the presidential elections on October 25.

Text by FRANCE 24 

Latest update : 2017-10-25

In a shock decision last month, Kenya’s supreme court nullified President Uhuru Kenyatta’s re-election, citing irregularities. But ahead of a new presidential vote on Thursday, supporters of opposition leader Raila Odinga are already crying foul.

Opposition leader Odinga challenged Kenyatta‘s August 8 victory, claiming hackers had infiltrated election servers and manipulated the vote.

After reviewing the evidence, the country’s highest court agreed. Citing irregularities and possible illegalities – as well as the electoral commission’s unwillingness to let court-appointed technicians scrutinise its servers – it took the unusual step of nullifying the vote and ordering a new presidential election to be held within 60 days.

The Kenyan opposition maintains that not enough reforms have been implemented to ensure that a new election would be more free or fair than the last. Odinga has said he will not participate in another round of voting until the necessary changes have been made and a petition was filed with the Supreme Court to delay the October 26 vote until its credibility could be guaranteed.

The court was to hear a petition filed by three Kenyans, including a human rights activist, on the eve of Thursday’s vote. But as the Supreme Court convened to review the complaint a series of dramatic events prevented it from achieving a quorum, meaning the election would go ahead as planned by default.

“It means elections are on tomorrow. There is no order stopping the election,” election commission lawyer Paul Muite told Citizen TV on Wednesday.

Supreme Court Chief Justice David Maraga appeared alone in the courtroom and said only he and one other judge had shown up for the hearing. Six judges are needed to render a decision.

>> Read more: Kenyan election board member flees to US, alleging death threats

One deputy chief justice was unable to attend the hearing after being targeted in a shooting last night in which her bodyguard was killed. Those in favour of delaying the vote were quick to suspect that the attack was linked to the vote.

“The opposition is already saying that was an attempt at intimidation,” said FRANCE 24’s Julia Speers, reporting from Nairobi.

JULIA STEERS REPORTS FROM NAIROBI
Subscribe to our videos for free!

Outside the court, hundreds of women in white scarves gathered to call for peace amid fears of violence. Kenyatta supporters celebrated the news that the election would proceed while those backing Odinga gathered in Nairobi’s Uhuru Park.

The governor of Kenya’s Kisumu county, an opposition stronghold, said the people would be justified in launching a revolt if the presidential election goes ahead, given the lingering concerns over the credibility of another vote.

“If the government subverts the sovereign will of the people … then people are entitled to rebel against this government,” Anyang Nyong’o told reporters on Wednesday.

>> Read more: Kenya election chief casts doubt on ‘free, fair’ poll

An opposition lawyer said any new presidential election would have no legitimacy because of a previous court ruling that deemed the appointment of certain electoral officers illegal.

“It would be illegal and unconstitutional for them to move ahead with the election,” lawyer James Orengo told media outside the Supreme Court.

The election’s August 8 first round plunged Kenya into its worst political crisis since a disputed 2007 vote erupted in violence that left more than 1,100 people dead.

(FRANCE 24 with AFP, AP and REUTERS)

Hackers Target Nation’s Schools — Your Child’s Personal Data Could Be For Sale

October 23, 2017

Criminals make student data public in escalating demands for ransom; some districts pay up

No automatic alt text available.

Hackers looking to exploit sensitive information for profit are increasingly targeting the nation’s schools, where they are finding a relatively weak system to protect a valuable asset: student data.

Cyberthieves have struck more than three dozen school systems from Georgia to

https://www.wsj.com/articles/hackers-target-nations-schools-1508751002

*********************************************

Hackers are targeting schools, U.S. Department of Education warns

CNN Money
 When Superintendent Steve Bradshaw first received a threatening text message in mid-September, he didn’t know it was coming from a hacker trying to exploit his Montana school district.

But soon, students and other schools around Flathead County were receiving threatening messages, too. More than 30 schools in the district shutdown for three days.

“The messages weren’t pleasant messages,” Bradshaw said. “They were ‘splatter kids’ blood in the hallways,’ and things like that.”

The U.S. Department of Education is now warning teachers, parents, and K-12 education staff of a cyberthreat targeting school districts across the country.

So far, at least three states have been targeted by the extortion attempt from hackers asking schools to give them money or the group will release stolen private records, according to the department.

“In some cases, this has included threats of violence, shaming, or bullying the children unless payment is received,” the department wrote in an advisory this week.

No automatic alt text available.

Bradshaw, the superintendent of schools in Columbia Falls, Montana said a hacking group broke into multiple school servers and stole personal information on students and possibly staff. He said after the threatening messages came, hackers asked for ransom.

In a ransom note sent to a number of Columbia Falls school district members and released by the county’s sheriff’s department, the hacking group called the Dark Overlord threatened the district and demanded up to $150,000 in bitcoin to destroy the stolen private data.

Image result for Dark Overlord, photos

The threatening letter talked about use of force, mentioned the name “Sandy Hook,” the elementary school in Connecticut where 20 small children and six adults were shot dead, and said victims would suffer financial and reputational damage.

Law enforcement said they did not believe the threats and determined the attackers were located outside of the U.S.

“We feel this is important to allow our community to understand that the threats were not real, and were simply a tactic used by the cyber extortionists to facilitate their demand for money,” the Flathead County Sheriff’s Office said in a Facebook post last month.

Bradshaw said the district is not paying the ransom, and he is still receiving threatening messages.

Related: The U.S. Army is teaching kids how to hack at DEF CON

The same hackers also targeted the Johnson Community School District in Iowa earlier this month, and the district canceled all classes on October 3. According to local media reports, the hackers also sent threatening text messages to children and their parents.

The hacking group previously attempted to extort Netflix (NFLXTech30) after hacking its production studio, Larson Studios. The group released episodes of Orange is the New Black online last spring.

It’s unclear why the Dark Overlord began targeting schools but someone from the hacking group told the Daily Beast they are “escalating the intensity of our strategy in response to the FBI’s persistence in persuading clients away from us.”

The Department of Education says the hackers are probably targeting districts “with weak data security, or well-known vulnerabilities that enable the attackers to gain access to sensitive data.” It advises districts to conduct security audits and patch vulnerable systems, train staff on data security best practices, and review sensitive data to make sure no outside actors can access it.

According to Mary Kavaney, the chief operating officer of the Global Cyber Alliance, school environments often don’t have a lot of technology resources dedicated to security, but have some of the richest personal information on people, including social security numbers, birth dates, and, potentially, medical and financial information.

“If bad actors can access student [personal data], that information can be exploited for the purpose of fraud and committing crimes for years before it is detected,” Kavaney says. “It’s often only upon application for a job, or application for financial aid to attend college that students find out that their social security number has been used fraudulently — they may have poor credit due to false applications against their history, or worse, find that crime has been committed in their name.”

Bradshaw says the ordeal has been stressful and troubling. Because the district hasn’t paid the hackers, they’re still threatening to release the data online. But, he said, the response from law enforcement and the Flathead County community has been positive.

“We still got people in this country that believe in one another, and it’s been easier to get through than you would have thought,” Bradshaw said. “People care about people in this state.”

 http://money.cnn.com/2017/10/18/technology/business/hackers-schools-montana/index.html

Prague hackers’ congress to address ‘financial freedom’

October 6, 2017

AFP

.

© GETTY IMAGES NORTH AMERICA/AFP | Freeing up finance, one crypto currency at a timePRAGUE (AFP) – 

A hackers’ congress launched in Prague on Friday will discuss new cryptocurrencies and other tools to combat the erosion of financial freedom around the world, organisers said.

“Technology will allow users to shake off economic dependence on the state and achieve financial and personal freedom,” co-organiser Martin Sip said in a statement at the start of the three-day event.

Organisers cited the anonymous cryptocurrencies Monero and Zcash, crypto-markets and decentralised exchange offices as examples of tools that could boost financial freedom.

Amir Taaki, a British-Iranian hacker and expert on the bitcoin cryptocurrency, told reporters in Prague that the western world was going through a social crisis rooted in its economic system.

“Today, most of the work that people do in their lives has absolutely no meaning and no purpose whatsoever,” said Taaki, who founded Britcoin, Britain’s bitcoin exchange.

“What is guiding this mechanistic system that uses human beings as objects is… a system of financial enslavement,” he said, adding that the system wielded “a really sinister form of social control”.

“Our task is to… challenge this system of hierarchy and the state to restore back people’s sense of autonomy and free life.”

“We have to find new forms of economic organisation… (and) bitcoin is the biggest tool that we have to challenge the power of the central banks today.”

Wearing a cap, sunglasses and a mask at Prague’s Institute of Cryptoanarchy, which is hosting the congress, a hacker nicknamed Smuggler said freedom suffers in a financial system dominated by central banks.

“We’re living in a world where we don’t really have money in the sense that we can just transact, but we always have money with permission,” he said.

Earlier this week, reports said the US-based investment bank Goldman Sachs was looking into ways to trade bitcoin to meet client demand.

This would mean a breakthrough as large banks have so far avoided trading in bitcoin due to its reputation as a conduit for illicit activity.

But financial companies have been active in the development of “blockchain,” the underlying technology of bitcoin, which is seen as a potentially major breakthrough.

Bitcoin reached the psychologically important milestone of trading at $5,000 on September 1. It has been retreating since then, trading at $4,375 on October 2.

SEC Discloses Edgar Corporate Filing System Was Hacked in 2016

September 21, 2017

The SEC disclosed that hackers penetrated its electronic system for storing public-company filings and may have traded illegally on the information.

Breach may have allowed trading that profited from nonpublic information, regulator says

.

WASHINGTON—The top U.S. markets regulator disclosed Wednesday that hackers penetrated its electronic system for storing public-company filings last year and may have traded on the information.

The Securities and Exchange Commission’s chairman, Jay Clayton, revealed the breach in an unusual and lengthy statement issued Wednesday evening that didn’t provide many details about the intrusion, including the extent of any illegal trading.

The SEC said it was investigating the source of the hack, which exploited a software vulnerability in a part of the agency’s Edgar system, a comprehensive database of filings made by thousands of public companies and other financial firms regulated by the SEC.

The commission said the hack was detected in 2016, but that regulators didn’t learn about the possibility of related illicit trading until August, when they started an investigation and began cooperating with what the SEC called “appropriate authorities.”

A spokesman for the Federal Bureau of Investigation declined to comment on the SEC disclosure.

The commission’s disclosure follows a major breach of Equifax Inc. that affected 143 million Americans and warnings from executives of the New York Stock Exchange and Bats Global Markets Inc. that a planned data repository of all U.S. equity and options orders could become a juicy target for hackers.

“Cybersecurity is critical to the operations of our markets and the risks are significant and, in many cases, systemic,” Mr. Clayton said in a written statement. “We also must recognize—in both the public and private sectors, including the SEC—that there will be intrusions, and that a key component of cyber risk management is resilience and recovery.”

The intrusion shows how confidential information that can yield easy trading profits has increasingly become a target of hackers.

The SEC in December sued three Chinese traders who allegedly earned more than $4 million in illegal gains after they stole information from the computer systems of Cravath, Swaine & Moore LLP and Weil, Gotshal & Manges LLP, which represent Wall Street banks and Fortune 500 companies.

The SEC’s Electronic Data Gathering, Analysis and Retrieval system, or Edgar, is used by investors who access the online system to view companies’ earnings statements and other disclosures on material developments at companies. Some companies purchase and resell electronic feeds of the filings that cater to electronic and algorithmic traders.

Mr. Clayton’s statement didn’t identify the precise date of the intrusion or what sort of nonpublic data was obtained. The agency said the hackers exploited a vulnerability in part of the Edgar system that allows companies to test the accuracy of data transmitted in new forms. Many corporate filings are made public as soon as they are received through Edgar, although other forms may have to be reviewed first by SEC staff.

The SEC’s statement also didn’t explain why the SEC waited to reveal the breach until Wednesday.

SEC officials have sometimes indicated they could take enforcement action against a public company that misled investors about a significant hack that affected share prices.

Mr. Clayton, who is due to testify before the Senate Banking Committee next week, is sure to face questions about his own agency’s cyber vulnerabilities.

“We face the risks of cyber threat actors attempting to compromise the credentials of authorized users, gain unauthorized access to filings data, place fraudulent filings on the system, and prevent the public from accessing our system through denial of service attacks,” Mr Clayton said. “We also face the risks of actors attempting to access nonpublic data relating to our oversight, or enforcement against, market participants, which could then be used to obtain illicit trading profits,” he added.

The Edgar system, which was launched to equalize access to information among retail and sophisticated investors, has occasionally caused headaches for the commission. Academic researchers found in 2014, for instance, that hedge funds and other rapid-fire investors got earlier access to market-moving documents from Edgar than other users of the standard, web-based system, giving them a potential edge on other traders. The SEC later said it fixed the problem.

The system has also been exploited by traders who submitted fake corporate filings. In 2015, a 37-year-old man in Bulgaria filed a fake takeover offer for Avon Products Inc., which succeeded in sending the beauty-product company’s shares soaring but netted the mastermind just $5,000, regulators alleged.

Mr. Clayton’s statement acknowledged that the planned data repository, known as the Consolidated Audit Trail, could be targeted by cyber thieves looking to steal personal information of stockbrokers’ customers. The audit trail has been in the works for nearly seven years and the SEC approved its final design last year. However, exchange executives have recently cited the Equifax hack as evidence that the audit trail should be pared back, even if that takes away information that could help regulators spot manipulative traders more quickly.

Stock and options exchanges, as well as the Financial Industry Regulatory Authority, which oversees brokers, are due to begin reporting data to the repository in November.

Robert Cook, chief executive of Finra, also has questioned whether the audit trail should be scaled back in light of the Equifax data breach. Speaking Wednesday at a banking luncheon in Washington, Mr. Cook questioned whether the database designed to help regulators sort through flash crashes and spot market manipulation should include personal information about stockbrokers’ customers.

“Especially post-Equifax when we are trying to win back investor confidence in the markets, it seems to be a useful question to ask whether we’ve got the right approach here or we need to revisit it,” he said.

Write to Dave Michaels at dave.michaels@wsj.com

https://www.wsj.com/articles/sec-discloses-edgar-corporate-filing-system-was-hacked-in-2016-1505956552

Russia-tied hackers can gain control of power network: report

September 6, 2017

AFP

© Getty/AFP/File | In the past year the Dragonfly 2.0 cyber-espionage group has become “highly focused” on energy systems, the security firm Symantec said, and its hacking attempts accelerated in the first half of this year

WASHINGTON (AFP) – A Russia-linked cyber-espionage group has hacked into the controls of electricity distribution networks in the US and Europe, raising the risk of malicious, remotely-caused blackouts, computer security firm Symantec said Wednesday.Symantec said the group, dubbed Dragonfly 2.0, gained access to the operational systems in a number of energy operations in the United States, Turkey and Switzerland, “to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.”

Symantec did not link Dragonfly 2.0, which has been around for several years, to any specific country. But other cyber security analysts and the US government say Dragonfly, also dubbed Energetic Bear, has Russian roots and links to the Russian government.

It said Dragonfly 2.0 had been known to target Western infrastructure in recent years, attempting to access computer systems to install its own backdoor entryways through phishing ruses.

But in the past year it has become “highly focused” on energy systems, Symantec said, and its hacking attempts accelerated in the first half of this year.

“This is clearly an accomplished attack group,” Symantec said.

“The Dragonfly group appears to be interested in both learning how energy facilities operate and also gaining access to operational systems themselves, to the extent that the group now potentially has the ability to sabotage or gain control of these systems should it decide to do so.”

The U.S. Navy is staffed by humans

August 26, 2017

By Ravi Velloor
The Straits Times

Four days after the USS John S. McCain suffered major damage in a collision while on approach to Singapore, questions swirl about the manner of the accident, and its reasons.

That it should have come so soon after a sister vessel the USS Fitzgerald suffered a similar accident while leaving a Japanese port, has raised a bunch of troubling questions.

As they say, the first time may be an accident and the second coincidence, but three becomes a pattern.

In the US Navy’s case – or more specifically, the 7th Fleet’s case – there have been not three, but four costly mishaps just this year.

Two other ships currently deployed to the Asia-Pacific, the USS Antietam that ran aground in Tokyo Bay and the USS Lake Champlain that struck a South Korean fishing boat, suffered damage this year.

That certainly makes for a pattern. With a US warship calling in Singapore every three days or so, there is every reason for the Republic to take more than a little interest in what’s going on.

Naturally, conspiracy theories abound.

One line of thinking is that hackers may have corrupted the massive computer systems of the John S. McCain and perhaps, other vessels.

In the case of the John S. McCain, that does not seem the case. Admiral Scott Swift, commander of the Pacific fleet, seems to have ruled out a cyber attack in near categorical terms.

Adm Swift should know, of course, but George Kurtz, former head of technology at MacAfee who now owns CrowdStrike, one of the world’s top cyber security companies, had a more nuanced view.

Image may contain: outdoor

USS John S. McCain sustained damage to her port side, which is the left side of the vessel facing forward. Photo was taken off Changi Naval Base on Aug 21, 2017. ST PHOTO: ​DESMOND FOO

 

While declining to speculate, he told me that any assessment of an incident of this nature would necessarily have to be placed in a geo-political context.

In the John S. McCain’s case, it had just completed a Freedom of Navigation Operation, or FONOP, in the South China Sea where it was repeatedly warned by Chinese vessels.

The current chatter in cyber security circles, he said, is that while the McCain’s computers may not have been compromised, it is probably worth examining if anyone could have tinkered with the GPS system to send her, or the other vessel, off course by a few hundred metres.

It is an interesting theory and not the first time it has come up for mention.

In the James Bond movie Tomorrow Never Dies, Pierce Brosnan is sent off by MI-6 on precisely such a mission: to block a power-mad media tycoon’s attempt to start the next world war by engineering an incident at sea. In that instance, a British man of war is diverted into the hands of what appears to be Chinese military, sparking fury in Whitehall.

While nothing can be ruled out these days, the likely explanation could be more mundane and hark back to the essence of the craft – the quality of seamanship.

All major navies of the world do suffer accidents. It is estimated that since World War II, the major navies would have together recorded at least 1,400 mishaps.

Closer home, in early 2014, the Indian Navy chief, Admiral DK Joshi, quit after a series of accidents involving his force. The costliest of those mishaps was the loss of a docked Kilo class submarine that sank after an explosion on board while loading missiles for a mission.

At the time, poor observance of protocols was cited as the reason. The larger pattern was one of falling standards, poor equipment, and inadequate training.

But the United States is considered the gold standard of the navy game. It has the best technology, whether for the turbines that provide the power below deck, or in the missiles and radars stacked above. Its warships are designed for far greater crew comfort, than, say, a comparable Russian craft. And it is the rare naval officer in the world who has not read up on the life and times of Admiral Hyman Rickover, father of the US nuclear navy, or wished to be like him.

Yet, the US Navy too is staffed by humans. And there is little doubt that its personnel have been under strain and its resources stretched.

The US Congress was recently informed that about 100 ships have been deployed every day since 2001, the year the US suffered the 9/11 attacks. Since its current strength is 277 vessels that makes for a massive utilisation ratio. This, naturally, tells on maintenance, crew rest and training.

While President Donald Trump has said he wants to take the navy to 350 ships, that is a long way away.

In the immediate future, the pressure on its resources will only grow since many ships are due to have completed their normal use cycle and come due for retirement, or scrapping.

http://www.straitstimes.com/opinion/us-navy-mishap-james-bond-or-poor-seamanship

Related:

.
.
.

HBO’s Hack: ‘Hollywood Is Under Siege’

August 11, 2017

The recent breach at the network highlights vulnerabilities unique to the entertainment industry

Image may contain: 2 people, ocean and outdoor

Aug. 11, 2017 5:30 a.m. ET

At a time when HBO should be relishing the record ratings of its hit drama “Game of Thrones,” executives there are instead are grappling with a hacker shakedown that could be a plot point on the network’s “Silicon Valley.”

The breach of the network’s systems that was disclosed last month is developing into a prolonged crisis. Hanging over HBO now is the daily threat of leaks of sensitive information, ranging from show content to actors’ and executives’ personal information.

The hack at HBO comes almost three years after a high-profile one at Sony Corp. and highlights persistent vulnerabilities unique to the entertainment industry. The pressing issue isn’t safeguarding credit-card numbers and account details. Instead, executives are worried about potential damage to intellectual property if television-show spoilers are made available before episodes are officially aired.

“Hollywood is under siege,” said Jeremiah Grossman, chief of security strategy for cybersecurity company Sentinel One. “It seems easy to hack a network, and they perceive that they can make money doing so.”

Already, scripts of “Game of Thrones” episodes have been leaked by the hackers, whose leader calls himself “Mr. Smith.” Also made public were episodes of other shows, including comedies “Ballers” and “Insecure,” and a month’s worth of emails from an executive.

When the hackers came forward late last month, an HBO technology-department employee sent them a letter offering $250,000 to participate in the company’s “bug bounty” program, in which technology professionals are compensated for finding vulnerabilities, according to a person familiar with the matter.

HBO was buying time with that response and isn’t in negotiations with the hackers, the person said. The hacker has demanded a ransom of around $6 million.

The network has also been working with the Federal Bureau of Investigation and other law-enforcement agencies and cybersecurity firms to address the matter, people familiar with the matter say.

Meanwhile, the cable network is playing Whac-A-Mole. It managed to take down the website and digital locker the hacker initially used to distribute show material after sending takedown notices to internet-service providers, according to the person familiar with the matter. It alerted potentially exposed “Game of Thrones” cast members of the hack before Mr. Smith posted material that includes some of their phone numbers.

In a statement, HBO Chairman and Chief Executive Richard Plepler said, “The consensus here was a path to transparency. When something like this happens, the best you can do is try to protect the people you work with inside and outside the company. That’s what our focus has been.”

Unlike retailers, entertainment firms usually don’t shoulder the burden of protecting customer-account details, because that is handled by cable, satellite and web-TV distributors.

The urgent worry is that fewer viewers will watch episodes that can cost several million dollars each if hackers supply a stream of spoilers. That hasn’t happened yet. The last “Game of Thrones” episode, which aired on Aug. 6 attracted a record 10.2 million viewers.

The fear also relates to the chance of emails emerging that could hurt relations with talent or other companies. In the Sony hack, then-studio chief Amy Pascal was embarrassed by emails in which she made a joke about President Barack Obama’s taste in movies as well as disparaging remarks about actors, including Adam Sandler.

“Leakage will be your worst nightmare; your competitors will know about current & future strategies, your inner circle inside HBO & senior staff will be thrown into chaos,” the hackers promised in a video note to Mr. Plepler they posted earlier this week.

HBO has said it expects more information to leak out but said its review of the matter “has not given us a reason to believe that our email system as a whole has been compromised.”

After the Sony hack, many entertainment companies, including HBO’s parent Time Warner Inc., beefed up their own security.

Around the same time, though, in a cost-saving move, Time Warner centralized much of the technology operations that previously existed in the individual units, which also include Turner and Warner Bros.

Now that strategy is being rethought, and the individual units are being encouraged to take on more autonomy and responsibility for their own technology infrastructure, the person familiar with the matter said.

Prior to the HBO hack, sister unit Turner Broadcasting had already begun the process of overhauling some of its information technology after an assessment revealed that a hack into one network, such as Cartoon Network, could easily be a gateway into CNN.

The HBO hack also comes as Time Warner is in the process of being acquired by AT&T Inc. However, the hack isn’t expected to have any effect on the sale or the terms of the deal, according to media analyst Michael Nathanson of MoffettNathanson Research. An AT&T spokesman declined to comment.

Cybersecurity expert Mr. Grossman, who has tested security networks for Hollywood TV and movie companies, said these firms are vulnerable because they work with so many partners that “their data is all over the place.”

Write to Joe Flint at joe.flint@wsj.com and Tripp Mickle at Tripp.Mickle@wsj.com

https://www.wsj.com/articles/hbos-hack-hollywood-is-under-siege-1502443802

Related:

HBO hackers demand millions in ransom note

August 8, 2017

AFP

© AFP/File | Hackers claiming to have breached HBO are demanding a ransom, threatening to leak more content from the popular show “Game of Thrones” if the network refuses to pay

WASHINGTON (AFP) – Hackers claiming to have breached HBO were demanding millions of dollars in ransom payments from the television group, while threatening to release more files from what is claimed to be a massive data breach.A video circulating online directs a message to HBO chief Richard Plepler claiming that the group “obtained valuable information” in an attack that yielded a whopping 1.5 terabytes of data.

The message was authored by someone identified only as “Mr. Smith.”

The website Databreaches.net reported that 10 files were leaked Monday as part of the demand including what may be another script of the popular fantasy series “Game of Thrones.”

The video revealed a letter stating the hackers obtained “highly confidential” documents and data including scripts, contracts and personnel files.

“We want XXX dollars to stop leaking your data,” the letter said, later alluding to a figure of half the group’s annual budget of $12 million to $15 million.

It went on to say, “HBO spends 12 million for Market Research and 5 million for GOT7 advertisements. So consider us another budget for your advertisements!”

The message comes a week after a leak of one script of “Games of Thrones” and content from other productions.

The letter said HBO was the 17th target for the hacking group and that “only 3 of our past targets refused to pay and were punished very badly and 2 of them collapsed entirely.”

HBO said in a statement that it believed that further leaks might emerge from the breach and that “the forensic review is ongoing.”

“While it has been reported that a number of emails have been made public, the review to date has not given us a reason to believe that our email system as a whole has been compromised,” the statement from the Time Warner unit said.

“We continue to work around the clock with outside cybersecurity firms and law enforcement to resolve the incident.”

Israel Security Chief: Agency Strikes Back at Online Hackers — Offensive cyber counterattacks

June 27, 2017

JERUSALEM — Israel’s security chief says his agency, the Shin Bet, has gone on the offensive against hackers trying to carry out cyberattacks against Israel on the internet.

The remarks by Nadav Argaman are a rare admission of Israel’s use of offensive cyber capabilities.

Argaman spoke at a cyber defense conference in Tel Aviv on Tuesday.

He says that “passive defense” is not enough, and that the Shin Bet studied hackers’ strategies and developed “a variety of ways and methods” on how to strike back.

Israeli cyber officials are ordinarily reluctant to discuss the use of offensive capabilities against hackers.