Hacked! Netflix & Larson Studios – What We Can Learn
Wednesday, June 21st, 2017
Larson studios has just broken their silence on being hacked and extorted earlier this year. Most people heard of Netflix being hacked and episodes of the popular show Orange Is The New Black being leaked, however with Larson Studios opening up about the particulars, we can learn from their mistakes.
The first lesson? Larson was targeted at random and the hackers gained access to the unreleased TV show via an unpatched Windows 7 workstation.
“They were basically just trolling around to see if they could find a computer that they could open,” Larson Studios chief engineer David Dondorf said. “It wasn’t aimed at us.”
The hacking group known as The Dark Overlord (TDO) were scanning the internet looking for older versions of Windows to exploit.
The lesson is no matter the size of your company, update and patch every system on the network. “A lot of what went on was ignorance,” Rick Larson, President of the studio stated. “We are a small company.”
The second lesson? According to Mr. Larson, “Don’t trust hackers.”
According to the studio, Larson paid over $50,000 in Bitcoins to prevent the new season of their popular show from being leaked but TDO leaked it anyway.
The hacking group claims it leaked the episodes after the studio contacted the FBI.
“With the information that we had, we made the best decisions we could make at the time,” Mr. Larson explained. “Those would not be the decisions that we would make now.”
The last lesson? With their pockets full, TDO plans to take on other studios including Fox, IFC, National Geographic and ABC the group announced that Twitter.
“Now, because we punish in a pervasive guilty-by-association manner, other companies in the American entertainment industry shouldn’t be surprised if they were too wake up to a verbose, condescending, and abusive letter in their inbox extending a hand of friendship and (most likely) demanding a modest sum of internet money,” they wrote.
This will most likely embolden other hacking groups to reach out grab and find specific and valuable information and hold it for ransom.