Turbotodd

Ruminations on IT, the digital media, and some golf thrown in for good measure.

Archive for the ‘ransomware’ Category

Game of Hacks

leave a comment »

I’ve been following this HBO hack with great fascination.

One, because I’ve always had an interest in cybersecurity matters (although I’m not a hacker, nor do I play one on the Internets).

Two, because it’s HBO, whom I’m also a big fan of, and I still remember the reverberations of the Sony hack in late 2014, one which led to the downfall of its dear leader, Amy Pascal.

The Guardian has a new story out this morning on the HBO hack, alleging that the HBO hackers have "released personal phone numbers of Game of Thrones actors, emails and scripts in the latest dump of data stolen from the company," and, that they "are demanding a multimillion-dollar ransom to prevent the release of whole TV shows and further emails."

Where’s Daenerys Targaryen and those flying, fire-breathing dragons when you need them?

And is it just me, or do I find it completely serendipitous that this hack comes about around the time of probably one of the peak episodes of the entire GOT franchise…SPOILER ALERT…you know, the one where Daenerys finally unleashes the wrath of those damned dragons and Dothraki scythes on Jaime Lannister and his woefully unprepared army.

While GOT players will settle for bags of gold, the HBO hacker, now someone calling themselves "Mr. Smith." (You can’t make this $%#$ up!), has apparently told HBO chief executive Richard Plepler in a 5-minute video letter to pay the ransom within three days or they would put the HBO shows and confidential corporate data online.

Continues the Guardian report: "The hackers claim to have taken 1.5TB of data — the equivalent to several TV series box sets or millions of documents — but HBO said that it doesn’t believe its email system as a whole has been compromised."

Along with the video letter, the hackers have gone ahead and released 3.4GB of files, including technical data about the HBO internal network and admin passwords, draft scripts from five Game of Thrones episodes, and a month’s worth of email’s from HBO’s VP for film programming, Leslie Cohen.

The whole episode sounds as though it could have been derived from a script from Mr. Robot, but so far as I know, USA Network has, thus far, been immune from hacktivists.

HBO’s response, according to The Hacker News, is that the company’s "forensic review is ongoing."

But one has to wonder whether, somewhere on some back lot in Hollywood, that HBO’s brass is filling the gas tanks on a few dragons of its own.

For the audience, it may all just be pure entertainment.

But HBO is running a business, and they, nor any other going concern, should ever have to be held hostage by somebody calling themselves something as unimaginative as "Mr. Smith."

Especially not in Hollywood.

Written by turbotodd

August 8, 2017 at 10:28 am

The Petya Attack

leave a comment »

Another big ransomware attack is coming…has already arrived??

From The Verge: A major ransomware attack has brought businesses to a close throughout Europe, in an infection reminiscent of last month’s WannaCry attack. The most severe damage is being reported by Ukrainian businesses, with systems compromised at Ukraine’s central bank, state telecom, municipal metro, and Kiev’s Boryspil Airport. Systems were also compromised at Ukraine’s Ukrenego electricity supplier, although a spokesperson said the power supply was unaffected by the attack.

From Krebs on Security: A new strain of ransomware dubbed “Petya” is worming its way around the world with alarming speed. The malware is spreading using a vulnerability in Microsoft Windows that the software giant patched in March 2017 — the same bug that was exploited by the recent and prolific WannaCry ransomware strain….Security firm Symantec confirmed that Petya uses the “Eternal Blue” exploit, a digital weapon that was believed to have been developed by the U.S. National Security Agency and in April 2017 leaked online by a hacker group calling itself the Shadow Brokers….Organizations and individuals who have not yet applied the Windows update for the Eternal Blue exploit should patch now. However, there are indications that Petya may have other tricks up its sleeve to spread inside of large networks.

The Guardian is reporting that “Victims of a major ransomware cyberattack that has spread through the US and Europe can no longer unlock their computers even if they pay the ransom.”

The New York Times on what we know and what we don’t.

And from IBM’s X-Force Exchange: Petya Ransomware Campaign.

Written by turbotodd

June 27, 2017 at 4:14 pm

%d bloggers like this: