Ransomware, hacking and espionage: five global cyber attacks

With valuable content and well-known brands, the media, entertainment and technology industry has been the target of some high-profile cyber breaches from a range of attackers.

Netflix

1 May 2017

Netflix found itself embroiled in an extortion attempt by The Dark Overlord, a hacking group that attacked post-production company Larson Studios.

The Dark Overlord stole new episodes of Netflix’s season five of Orange is the New Black from Larson Studios, which worked on the audio post-production of the show.

The hackers demanded $50,000, which Larson paid, before further demands were made of Netflix. Netflix refused to pay, and the episodes were leaked.

Netflix issued a statement to press on the cyber attack, stating: “We are aware of the situation. A production vendor used by several major TV studios had its security compromised and the appropriate law enforcement authorities are involved.”

WPP

27 June 2017

Petya ransomware first began circulating in March 2016, with one of the most recent variants globally attacking and infecting UK-based advertising agency WPP. It’s the second high profile ransomware attack this year following on from the WannaCry cyber attack that targeted the National Health Services in May.

Ransomware has been around for 30 years yet the most recent WannaCry and Petya attacks lock files on computers with a demand for funds before the files are returned.

Payment is usually requested through digital currency Bitcoin.

At the time, WPP confirmed a number of its companies had been affected by the ransomware attacks.

”We are working with our IT partners and law enforcement agencies to take all appropriate precautionary measures, restore services where they have been disrupted, and keep the impact on clients, partners and our people to a minimum.

“Having taken steps to contain the attack, the priority now is to return to normal operations as soon as possible while protecting our systems.

”Our operations have not been uniformly affected, and issues are being addressed on a company-by-company basis. Many of our businesses are experiencing no or minimal disruption,” stated WPP.

Yahoo

14 December 2016

Yahoo identified security concerns affecting around 1 billion users after its data was compromised in August 2013.

This was the second cyber attack to hit Yahoo, which had 500 million user accounts breached in 2014.

In a statement, Yahoo CEO Marissa Mayer said: ”There is nothing more important to us than protecting our users’ privacy.”

The statement was released after numerous reports suggested that the US govenrment had secretly accessed Yahoo and other technology companies without their permission.

Mayer said: ”I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.”

TV5Monde

8 April 2015

A malicious targeted software attack was used to compromise TV5Monde network systems in April 2015.

TV5Monde Director General Yves Bigot was alerted to 12 channels going off the air, which almost jeopardised the entire company.

The attack corrupted and destroyed the internet-connected hardware that controlled the station’s encoder systems.

Following the attack, employees were unable to send emails, reverting instead to fax machines and computer-based workflows all required testing and virus scanning causing the company a loss of thousands of euros.

While initially believed to be a jihadist attack, it was later suggested that the attack was carried out by a group of Russian hackers.

Sony Pictures Entertainment

24 November 2014

“A brazen cyber attack” on Sony Pictures Entertainment (SPE) resulted in the cancellation of the 2014 theatrical release of The Interview, a comedy starring James Franco and Seth Rogen about the assassination of North Korean leader Kim Jong-un.

The hacker group named ‘Guardians of Peace’ stole large quantities of confidential and sensitive information from Sony, including current and former employees’ salaries, health care, pension information and contact details as well as obtaining information about films which were uploaded and released on file sharing websites for the public to download.

Sony released a statement: “Sony Pictures has been the victim of an unprecedented criminal assault against our employees, our customers, and our business.

”Those who attacked us stole our intellectual property, private emails, and sensitive and proprietary material, and sought to destroy our spirit and our morale – all apparently to thwart the release of a movie they did not like.

”We are deeply saddened at this brazen effort to suppress the distribution of a movie, and in the process do damage to our company, our employees, and the American public.

”We stand by our filmmakers and their right to free expression and are extremely disappointed by this outcome.”

The North Korean government demanded that the film not be released, however it denied any involvement in the cyber attack.

Source:https://www.ibc.org/tech-advances/ransomware-hacking-and-espionage-five-global-cyber-attacks-/2077.article