Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

HBO hack behind Game of Thrones season 7 script leak is a sign of things to come, warn cyber security experts

Stealing high-profile films and TV shows has become an easy way of generating publicity

Andrew Griffin
Tuesday 01 August 2017 14:40 BST
People watch the seventh season premiere of US TV show "Game of Thrones" at the Mayakovskaya metro station in Moscow early on July 18, 2017
People watch the seventh season premiere of US TV show "Game of Thrones" at the Mayakovskaya metro station in Moscow early on July 18, 2017 (VASILY MAXIMOV/AFP/Getty Images)

A leaked Game of Thrones script appears set to show what's going to happen next week. But the the hack that allowed it to be leaked in the first place could show what's going to happen in the coming years.

HBO has confirmed that it has been hacked and had a range of important files stolen, which appears to include upcoming TV shows as well as the script. A spokesperson did not confirm which programmes were taken, but a statement from HBO's chief executive confirmed that the hackers had stolen "proprietary information".

In all, the hackers claim to have taken 1.5 terabytes of information from HBO, and is hoping that the cache will bring it attention. The group sent an email to reporters offering an interview to anyone who "spread the word" about the cyber attack.

And that could be a clue to why the hackers stole the information in the first place. Films and TV shows – and the companies that own them – are becoming one of the most high-profile hacking targets in the world, and so are likely to continue leaking online.

That is a relatively new phenomenon, according to David Emm, Kaspersky Lab's principal security researcher. At first, and throughout the 90s and early 2000s, most hackers were intent primarily on vandalism rather than making money, but with time it became clear that cyber attacks could bring with them serious money.

As people become more dependent on technology and connectivity in both their working and personal lives, there becomes more of an incentive and reason to hack them. And that brought with them a range of people in addition to the traditional petty criminals, such as people who want hold others to ransom, cause damage to people's reputations or identify the flaws in a certain system so that they will be fixed, says Mr Emm.

The value of such a hack is entirely dependent on how much attention it can bring. If a cyber attacker broke into a normal, not especially interesting company and stole some of its intellectual property, then it's unlikely that people care; hacking into HBO and stealing Game of Thrones piggybacks on one of the most active talking points in the world.

Entertainment companies are like governments and hacking groups in that their intellectual property is of interest to everyone – Mr Emm points to the example of The Hacking Team, for instance, which provided access to computer vulnerabilities and so forced administrators to scramble to respond. Others have attempted to capture information just by their sheer scale, like the WannaCry attack, which made its way around the entire world, and those that followed.

The HBO hack is just the latest in a range of hacks targeting high-profile films and TV shows. They began in earnest in 2014, when Sony was hacked apparently in response to the film The Interview; last year saw Disney pursued over a purported early copy of a Pirates of the Caribbean film; and earlier this year a hacker claimed to have leaked episodes of Orange Is The New Black before they were made available on Netflix.

Each of those hacks managed to attach themselves to the popularity of the series and take some of the same interest, especially when they actually steal the films and TV shows themselves.

"Ever since the infamous attack on Sony Pictures, there is evidently an appreciation on the part of hackers for stealing high value content such as movies (Pirates of the Caribbean) and TV shows (Orange is The New Black)," said Richard Stiennon, chief strategy officer at Blancco Technology Group. "Final production videos are a class of information and the theft of such information poses extraordinary losses, if stolen."

Game of Thrones: Season 7 Episode 4 Preview

Clearly there is damage to be done to a company by stealing the videos from which it makes its money. But the videos themselves are valuable because people want to see and share them, and so they naturally help propel knowledge of the hack.

As such, it's unlikely that any company could hide knowledge of such a hack – even when it only serves to help the cyber attackers. That changes the way that companies should respond to them.

"One thing that's not going to wash in this day and age is trying to cover it up," says Mr Emm. "We live in an age where stuff goes global very quickly."

Instead, companies should work out what has happened – how a person got into the system, in the same way that police would secure and scour a crime scene in the real world. Then a company can deal with all the various impacts such a leak has, from securing its systems to handling the press reports so that they don't damage the company or its show too much.

In the meantime companies should work to lock down their systems to avoid such attacks, Mr Emm says. Traditionally that has involved trying to keep people out of companies, but they should now assume people are already in and make sure that information is encrypted and secured as much as it possibly can be.

But however companies work to avoid and fix those attacks, they're going to continue. What experts call the "attack surface" – the potential ways a hacker can get in – is ever expanding as we rely more and more on computers, and cyber security awareness is not spreading at the same rate.

Join our commenting forum

Join thought-provoking conversations, follow other Independent readers and see their replies


Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in