While the world focused on the WannaCry ransomware attacks in early May, a number of news stories broke highlighting a different kind of cybersecurity ransom. Ransomware such as WannaCry lock you out from accessing your own files and will not give access back until you pay the ransom. More industrious and targeted hackers however prefer to steal specific targeted files and threaten to either release them publicly or sell them to competitors if a company does not pay the ransom.
This has come up a number of times within the context of the entertainment industry, with a specific focus on streaming video services. Within the past two months, hackers have managed to obtain illegal copies of Disney’s new Pirates of the Caribbean: Dead Men Tell No Tales movie. They have also managed to obtain illegal copies of Netflix’s new season of Orange is the New Black. Disney and Netflix reacted similary to the attacks, stating they would work with law enforcement to find and arrest the thieves, but would not take any steps to meet the demands of the ransomers.
These attacks differ from ransomware attacks in that the hackers are not withholding access to the files or threatening to destroy them. Both Disney and Netflix retain the original copies of these movies and tv shows to continue working on them and eventually releasing them. Instead, the hackers are threatening to release the works early through torrenting sites if the companies do not pay the ransom.
These two thefts highlight a number of issues in the context of cybersecurity and how it impacts modern businesses. Both thefts appear to have occurred through third parties. Hackers stole Orange is the New Black from a well-respected post-production company working on the season. That company suffered a security breach that resulted in the breachers obtaining the files for the upcoming season. Experts suspected hackers obtained the Disney movie through a similar post-production company. "These thefts shine a spotlight on the need for companies to ensure that vendors with whom they do business have adequate cybersecurity in place to protect their intellectual property," warns Charlie E. Bernier Principal Consultant and Cyber Insurance Expert at ECBM.
While traditionally companies worried about cybersecurity have focused on breaches resulting in the theft of personally identifiable information of their customers or the outright theft of money, these attacks also highlight the need for companies to approach cybersecurity from the perspective of protecting valuable intellectual property. This may involve approaches like segmenting information and systems into “need to know” and “need to have” files with controlled access, isolating certain key systems and files from the rest of the network, and even more innovative approaches like creating dummy files that may look valuable to hackers but contain tracking software and no valuable information.
These hacks have targeted high profile works like films, but there is no reason for hackers not to also steal valuable research and development projects, important strategy documents, or even computer algorithms vital to your company; securing a competitive advantage and holding them for ransom. Charlie also recommends to "make sure you have a plan in place to stop them before they target you."