Slashdot Mirror

← Back to Stories (view on slashdot.org)

How Hollywood Got Hacked: Studio at Center of Netflix Leak Breaks Silence (variety.com)

Posted by msmash on from the how-it-all-unfolded dept.

Earlier this year, hackers obtained and leaked the episodes of TV show Orange Is the New Black. In a candid interview, Larson Studios' chief engineer David Dondorf explained how the audio post-production business allowed the hacker group to gain access to the Netflix original content. Dandorf says the company hired private data security experts to find how it was breached. The investigation found that the hacker group had been searching the internet for PCs running older versions of Windows and stumbled across an old computer at Larson Studios still running Windows 7. From the report: Larson's employees just didn't know all that much about it. Having a computer running an ancient version of Windows on the network was clearly a terrible lack of oversight, as was not properly separating internal servers from the internet. "A lot of what went on was ignorance," admitted Rick Larson. "We are a small company. Did we even know what the content security departments were at our clients? Absolutely not. I couldn't have told you who to call. I can now." It's a fascinating story about how the hacker group first made contact and tried to threaten Larson Studios' president and his wife, and how they responded. Worth a read.

5 of 79 comments (clear)

  1. Windows 7 is now considered old? by w1zz4 · · Score: 5, Insightful

    i call this bullshit

    1. Re:Windows 7 is now considered old? by omnichad · · Score: 5, Insightful

      No kidding. Especially if you're trying to run commercial-grade audio production software. Windows 7 doesn't mean a thing for security unless it's the original release without updates.

  2. Ancient version of Windows by viperidaenz · · Score: 5, Insightful

    any by ancient, they mean supported until 2020

  3. Takeaway: Blackmailers no longer reliable by SuperKendall · · Score: 4, Insightful

    I actually read through the whole thing, and what I got out of it was that while paying off the ransom in the past used to result in the outcome you were paying for, you can no longer rely on that to be true.

    So keep good backups and if you get hacked send the attackers the middle finger instead of bitcoin and just let them do whatever, but they can continue to do whatever fed by frozen 7-11 burritos instead of your hard-earned money.

    I do think even after the ransom was paid, they should have let clients know what happened immediately... that is the other big learning point I'd hope other companies take away from this. People understand computers get hacked, they will be sympathetic towards you as long as you are very open about what happened and when and tell everyone as soon as you know.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  4. Post Production Studios Run Much Older Than 7 by un1nsp1red · · Score: 4, Interesting

    Worked at a post-production facility in LA until last year. There's SO much specialized software still currently in use that just can't handle certain operating systems (or the company who made it has since disappeared and is no longer updating the software). We had several NT 4 machines still in use (again, this was in 2016). It wasn't about patching the OS -- there was no way to do it and keep certain necessary software working. Some of it was niche (mastering DVD images [yes, they're still making them]), but if it brings in a few hundred thousand a year, they're going to keep using it until the machines die and can't be resuscitated.