As Game of Thrones fans watch the unfolding drama in Westeros on their TV screens, corporations around the world are equally riveted by the now public battle for HBO’s data. The ransom message sent to Richard Piepler, CEO of HBO, not only outlines the terms of the attack team’s demand, including an image of the Night King balancing out HBO’s options, but also reveals a great deal about the hackers themselves.
Identifying himself as Mr Smith, the spokesperson makes a few things clear. Although demanding an undisclosed number of millions of dollars, the ransom note which is now being publicly shared on Facebook, states (in his own words): ‘Our motives isn’t political nor financial. (Even we hate trump like other Americans do). Its like a game for us, we enjoy to get data. Money isn’t our main purpose.’
Mr Smith is also at pains to differentiate himself and ‘his colleagues’ from other hackers who were notably involved with the Netflix breach earlier in the year: ‘We are whitehat hackers and it’s very shameful if you compare us with some noisy & amateur blackhat ones like Darkoverlord’. The term ‘white hat’ comes from Western films, where the heroic cowboy wears a white hat and the bad guy wears a black one. It is now used as internet slang for an ethical computer hacker, or a computer security expert who specialises in penetration testing and in other testing methodologies to ensure the security of an organisation’s information systems. Whether an organisation demanding millions of dollars ransom can ever be described as ‘white hat’ is doubtful, although Mr Smith is at pains to disagree.
‘Don’t call us nasty Hackers, we are IT professionals, consider what is done to you as a huge pentest‘, he writes. In fact Mr Smith’s email reveals that ‘HBO was one of our difficult targets to deal with but we succeeded. (It took about 6 months)’. But keen to elevate his whitehat ethics he continues: ‘You will see in future steps in our operation that we fulfil any promises made and any given word…The answer is simply: we are white-Hat. You must trust us. The HBO is our 17th Target. Only 3 of our past targets refused to pay and were punished very badly and 2 of them collapsed entirely’.
Ridiculing the ‘greedy CEO or an Idiot one who doesn’t understand the new era of cyberspace’ Mr Smith explains why his organisation has out-foxed a number of corporate giants. He asks, ‘How are you able to stop a group like us that spends about 400 – 500,000 dollars in a year to buy Odays exploits? We often launch two major operations in a year and our annual income is 12 – 15 million dollars. We are serious enough to do our business, the main question is: How much is your seriousness to keep your empire on its feet in a BRAVE NEW WORLD?’
Providing a leakage schedule, Mr Smith has given Richard Piepler three days to respond to the group’s demands and warned against bringing in the FBI or ‘other f***ing IT idiots’. It is too late for that, he claims. Providing a simple choice between a Bitcoin transfer and the destruction of the HBO empire, he invites them to ‘declare your surrender!’ and decide between falling or standing as a media giant.
How HBO’s CEO feels right now is anyone’s guess. His situation is in some ways comparable to that of the warring houses of George R R Martin’s creation. For years they thought their enemies were each other but are now realising that the real enemy is one few of them has ever seen. Richard Piepler and HBO had probably considered their competitors to be their enemies, but now see in this Brave New World of cyberspace that the real enemy is also the unseen one; and on this occasion, one who claims to wear a white hat.
Instances like the HBO attack are, thankfully, rare but the case brings to light a number of important points for CEOs everywhere. Firstly, do not underestimate the determination, ingenuity and skill of hackers. Secondly, that conducting your own penetration testing and vulnerability assessments are preferable to having a hostile outsider do it for you. SRM has many years’ experience in all aspects of information security and has a team which is experienced and highly skilled in penetration testing, vulnerability assessments and ethical hacking. In short, we are the good guys; the real White Hat Hackers.