Over the last week, we have been hearing more and more about the HBO hack. Earlier this week, a ransom demand was put in place and as a show of power, the hackers also released confidential emails and new Game of Thrones details. Now, we have learned that HBO has been trying to bargain with the hackers, even offering them a $250,000 ‘bug bounty’ award to give the company more time.
The person or group behind the HBO hack claims to have around 1.5TB of data from the company, including emails, scripts, episodes of TV shows and more. The hackers first contacted HBO with a ransom note on the 23rd of July, then on the 27th of July, HBO offered money in exchange for a deadline extension.
CNET managed to get hold of the email and verify its legitimacy, here is what it said: “We have received your letters and we appreciate your making us aware of security vulnerabilities we had not previously known about”.
The email then goes on to tell the hackers that HBO has “a bug bounty program to reward ‘white hat’ IT professionals” who point out security flaws. The email then goes on to state that the company has not been able to look through everything the hackers sent over or obtain a large enough sum of Bitcoin to meet demands. From there, it says: “You have the advantage of having surprised us. In the spirit of professional cooperation, we are asking you to extend your deadline for one week. As a show of good faith our our side, we are willing to commit to making a bug bounty payment of $250,000 to you as soon as we can establish the necessary account and acquire Bitcoin.”
Now it is important to note that this wasn’t necessarily a cooperation effort on HBO’s part but rather, a tactic to stall for time while investigations were underway. Still, it is an interesting insight into what goes on behind the scenes when a major cyberattack like this takes place.
KitGuru Says: So far, many of the HBO leaks have centred around Game of Thrones but with the season about to end in a couple of weeks, it seems like the hacker’s bargaining chips are getting less valuable.