sb-nz logo
Story image

Epic hacker fail: An exclusive look at the Netflix hack with ESET

04 May 2017

This week news broke of a hacker’s bold attempts to extort Netflix for ransom, after they claimed to release several episodes of the popular TV series Orange is the New Black.

We had a quick chat with ESET’s senior research fellow Nick Fitzgerald for an expert's perspective on what the Netflix hack means for the future of streaming networks - will it see the downfall of some of the world’s most powerful legal streaming websites?

“Predicting the directions cybercriminals will turn next is a pretty thankless task, but whether we see this kind of thing happen more in future will depend on how victims react,” he says.

In the Netflix example, they didn’t pay the ransom - so at least the hackers didn’t get rich for their efforts. While promising, it doesn’t necessarily mean other streaming networks will do the same. 

“The cybercriminals behind this leak claim to also have other unreleased content. If any of that is for release on more traditional broadcast media, the content owner or broadcaster may be more likely to pay up,” he explains.

He points out that the 2014 Sony Pictures hack is another example of how hackers try to control media releases - in that instance the hacker tried to prevent the release of ‘The Interview’ by threatening to release confidential data.

Both the Sony and Netflix hack are examples of what Fitzgerald calls ‘doxware’ - in which hackers hold sensitive data hostage until the victim pays the ransom. It’s similar to ransomware but it goes a step further by hacking and threatening to release confidential data.

“When potentially dox’ing a movie or TV studio, it might seem obvious to target unreleased content, but as this case shows, Netflix’s distribution model may mean that such content is not such an effective target,” he says.

The Sony hack used traditional doxing methods because the hacker released some of the information to prove they were serious.

“Sometimes, more material is released if the ransom demand is not met. This happened in the Sony Pictures case, as it did in the Ashley Madison hack, where the victim company also did not accede to the attacker’s demands and their entire user database was released,” he points out.

So with companies such as Netflix offering cheap and high-quality films and TV series against the deluge of torrent sites that distribute malware-filled copies, does this mean that a lack of interest in the leaked episodes be a good or a bad thing for piracy?

FitzGerald cites stats from Sandvine, which found that between 2011 and 2016 BitTorrent’s share of daily internet traffic in North America dropped from 23% to less than 5%.

“To me, Netflix’s unwillingness to pay the ransom, and the subsequent lack of outrage over the leak, cements the newfound power of streaming services over pirated content,” he says.

He adds that although 10 out of the 13 episodes of Orange Is The New Black have been leaked, Netflix will officially release the series in the next month.

Die-hard TV and movie pirates will no doubt be happy, but will novice pirates go to the trouble of locating and downloading this content? Given the reputation of torrented content as a hotbed of malware and other nasties, probably not,” he says.

He understands that the leaked episodes are only in 720p, have audio errors and image quality issues.

“Netflix will be releasing it in full 4K HDR – I know which I’d prefer to watch!”

Story image
Hornetsecurity acquires Altaro, the latest in acquisition spree
The move is a culmination of a medley of acquisitions made by Hornetsecurity recently, following the January 2019 acquisition of Spamina, a Spanish cloud email security company, as well as EveryCloud, its British market partner, in early 2020.More
Story image
Fortinet promises free cybersecurity training until skills gap trend reverses
"We are committed to continue offering the entire catalogue of self-paced Network Security Expert training at no cost until we see the skills gap trend reverse."More
Story image
Microsoft top targeted brand by cyber criminals in Q4 2020
In Q4, 43% of all brand phishing attempts related to Microsoft (up from 19% in Q3), as threat actors continued to try to capitalise on people working remotely during the COVID-19 pandemic’s second wave. More
Story image
Dark net vendors wanting Bitcoin payments for unverified COVID-19 vaccines
As the medicines are being offered on the dark net, purchasers have no way of knowing whether they are genuine, according to Check Point.More
Story image
Top security threats for 2021
2021 will see several themes develop into full blown security threats, many of them borne from the struggles of pandemic-stricken 2020, writes Wontok head of technology Mick Esber.More
Story image
Palo Alto Networks advances attack surface management with Expanse
"By integrating Expanse's attack surface management capabilities into Cortex after closing, we will be able to offer the first solution that combines the outside view of an organisation's attack surface with an inside view to proactively address all security threats."More