Leaked email suggests HBO willing to haggle with hackers

Leaked email suggests HBO willing to haggle with hackers. The July 27 email was sent by John Beyler, an HBO executive who thanked the hackers for "making us aware" of previously unknown security vulnerabilities. It appears to be an effort by the hackers to embarrass HBO, according to The Hollywood Reporter, which obtained a copy of the email. The Daily Beast posted the full text of the email. "In the spirit of professional cooperation," the executive asked for a one-week delay and said HBO was willing to make a "good faith" payment of $250,000, calling it a "bug bounty" reward for IT professionals rather than a ransom. HBO declined to comment. If it was a bug bounty, it'd be on the up and up." Then, last week, hackers using the name "Mr. Smith" posted a fresh cache of stolen HBO files online, and demanded that the network pay a ransom of several million dollars to prevent further such releases. But paying ransoms to hackers can be dangerous because it shows that being a bad-guy hacker is a good business, said cyber-security expert Oren Falkowitz, CEO of Redwood City, Calif-based Area 1 Security. Companies would be better off investing in preventing email spear-fishing attempts and other hacking techniques, he said.

BOSTON — Hackers released an email from HBO in which the company expressed willingness to pay them $250,000 as part of a negotiation over electronic data swiped from HBO’s servers.

The July 27 email was sent by John Beyler, an HBO executive who thanked the hackers for “making us aware” of previously unknown security vulnerabilities.

It appears to be an effort by the hackers to embarrass HBO, according to The Hollywood Reporter, which obtained a copy of the email. The Daily Beast posted the full text of the email.

“In the spirit of professional cooperation,” the executive asked for a one-week delay and said HBO was willing to make a “good faith” payment of $250,000, calling it a “bug bounty” reward for IT professionals rather than a ransom.

HBO declined to comment. A person close to the investigation confirmed the authenticity of the email, but said it was an attempt to buy time and assess the situation.

The same hackers have subsequently released two dumps of HBO material and demanded a multi-million dollar ransom.

Whether or not HBO ever intended to follow through with its $250,000 offer, the email raised questions Friday among security professionals about the importance of the data as well as how it will affect future attacks.

“It’s interesting that they’re spinning it as a bug bounty program,” said Pablo Garcia, CEO of FFRI North America, based in Aliso Viejo, California. “They’re being extorted. If it was a bug bounty, it’d…

Tags from the story
,
Written By
More from Industry News

Insider & Third-Party Access As Top Cyber Threats

Author: Chris Olson / Source: Information Security Buzz Insider and Third-Party access have been...
Read More

Leave a Reply

Your email address will not be published. Required fields are marked *