Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Hollywood Got Hacked: Studio at Center of Netflix Leak Breaks Silence (variety.com)

Posted by msmash on from the how-it-all-unfolded dept.

Earlier this year, hackers obtained and leaked the episodes of TV show Orange Is the New Black. In a candid interview, Larson Studios' chief engineer David Dondorf explained how the audio post-production business allowed the hacker group to gain access to the Netflix original content. Dandorf says the company hired private data security experts to find how it was breached. The investigation found that the hacker group had been searching the internet for PCs running older versions of Windows and stumbled across an old computer at Larson Studios still running Windows 7. From the report: Larson's employees just didn't know all that much about it. Having a computer running an ancient version of Windows on the network was clearly a terrible lack of oversight, as was not properly separating internal servers from the internet. "A lot of what went on was ignorance," admitted Rick Larson. "We are a small company. Did we even know what the content security departments were at our clients? Absolutely not. I couldn't have told you who to call. I can now." It's a fascinating story about how the hacker group first made contact and tried to threaten Larson Studios' president and his wife, and how they responded. Worth a read.

8 of 79 comments (clear)

  1. Windows 7 is now considered old? by w1zz4 · · Score: 5, Insightful

    i call this bullshit

    1. Re:Windows 7 is now considered old? by omnichad · · Score: 5, Insightful

      No kidding. Especially if you're trying to run commercial-grade audio production software. Windows 7 doesn't mean a thing for security unless it's the original release without updates.

    2. Re:Windows 7 is now considered old? by mjwx · · Score: 3, Insightful

      i call this bullshit

      Windows 7 is old, just not obsolete.

      Windows 7 was released in October 2009, which makes it almost 8. Windows XP was released in 2001 and didn't have a suitable successor until October 2009. By that time scale, Win7 is nearing the end of it's life. As long as M$ can create a decent OS after the abortion of Windows 8 and the ad-tastic Windows 10.

      In the terms of OS's, 8 is positively ancient. I remember using Android in 2009, anyone who didn't see the evolution of Android wouldn't believe it was the same OS compared to today. MS has kept it updated, but that doesn't change the fact that it was released many years ago.

      --
      Calling someone a "hater" only means you can not rationally rebut their argument.
    3. Re:Windows 7 is now considered old? by arth1 · · Score: 3, Insightful

      Windows 7 is old, just not obsolete.

      It's mature, not old.
      As of May this year, Windows 7 has 49.5% market share, with Windows 10 only having 26.8%. If anything, that tells you that Windows 10 is immature, not that Windows 7 is old.

      TFA makes absolutely no sense. If they meant MacOS 7, I can understand it. But Windows 7 is still what pretty much every business has as standard, and the 26.8% Windows 10 users being mostly home users who either gave up on the GWX barrage and installed the downgrade, or have bought a new PC where it is pre-installed.

  2. Ancient version of Windows by viperidaenz · · Score: 5, Insightful

    any by ancient, they mean supported until 2020

  3. Takeaway: Blackmailers no longer reliable by SuperKendall · · Score: 4, Insightful

    I actually read through the whole thing, and what I got out of it was that while paying off the ransom in the past used to result in the outcome you were paying for, you can no longer rely on that to be true.

    So keep good backups and if you get hacked send the attackers the middle finger instead of bitcoin and just let them do whatever, but they can continue to do whatever fed by frozen 7-11 burritos instead of your hard-earned money.

    I do think even after the ransom was paid, they should have let clients know what happened immediately... that is the other big learning point I'd hope other companies take away from this. People understand computers get hacked, they will be sympathetic towards you as long as you are very open about what happened and when and tell everyone as soon as you know.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Takeaway: Blackmailers no longer reliable by dwywit · · Score: 3, Insightful

      All good thoughts, but they weren't hit with file-encrypting ransomware, they were hit by people who illegally copied new episodes of a show and threatened to leak said shows if ransom wasn't paid.

      --
      They sentenced me to twenty years of boredom
  4. Ok, probably just say you took it up the ... by paravis · · Score: 3, Insightful

    Instead of blaming it on an "ancient" version of Windows (by who's standards, I really don't know), they should probably just acknowledge the fact that one of their employees was more than likely surfing the net for porn and clicked a bad link. Of course, that would be totally embarrassing and would probably devalue the company or push away possible new clients. But come on ... Making the "president and his wife" out to be victims ... They put themselves in that situation by allowing the employees on their payroll to compromise their entire network through uncontrolled and insecure internet access. This has ABSOLUTELY NOTHING to do with Windows 7! My goodness ... How the heck is Windows 7 a "lack of oversight" ... Wouldn't a more appropriate attribute for lack of oversight be allowing their employees to compromise invaluable data? Ha. Blame it on the inanimate object ... Of course!