One of the most popular Netflix series, Orange is the New Black, scored an early parole due to some bad behavior this weekend. TheDarkOverlord, the group claiming responsibility for the hack, has already released the season five premiere and is threatening to release “a trove of unreleased TV shows and movies.”
While ransomware has been dominating the headlines in the last year, the OITNB content was held for ransom the old-fashioned way, with TDO obtaining access to the network and stealing the data. As CSO Online has already stated, the delivery method has yet to be verified, splitting the possibilities between server-side hacking and phishing. Over 90% of breaches start with a phish, so either possibility has merit.
As noted in our most recent Malware Review, encryption malware, or ransomware, has gained significantly in popularity with criminals, but information and data theft still reign supreme.
This type of attack also underscores the need to verify the security of your vendors. While Netflix was targeted with the ransom request, the attack itself was against a third party that Netflix works with, Larson Studios. Some of you may remember that the infamous Target hack was carried out by compromising an HVAC company and stealing credentials.
Regardless of the method of attack, the best defense is still a human. Recognizing and reporting phishing emails will help organizations eliminate the majority of attacks and speed the response time. If the OITNB hack is found to be caused by malware delivered by a phishing email, the entire fiasco could have been avoided by detecting and responding to the threat at the time of delivery rather than after exfiltration.
While no system is 100% secure, pairing human defense and regular vendor security reviews can greatly reduce the likelihood and impact of a breach.