Harber: The Netflix hacker’s mistake
Author: Aaron Harber - May 12, 2017 - Updated: May 5, 2017
In a cyber attack on Netflix and major networks, a hacker who calls themselves “The Dark Overlord,” held hostage programs which have yet to be publicly released. In an attempt to extort the companies which own the shows, the hacker threatened to release the programs before their official release dates — thus preempting the channels, networks and platforms which had carefully scheduled and scripted those release dates.
All the shows allegedly were stolen from Larson Studios, a Hollywood company that is dedicated to the post-production aspect of finishing or “polishing” the soundtracks of movies and television programs. This means the completed programs are delivered to a company such as Larson and their experts perfect the sound using a variety of highly specialized tools.
So the hacker cleverly realized Larson Studios was the equivalent to the end of a funnel where many programs from different companies flow through. So, rather than separately hacking multiple companies such as Netflix, ABC, FOX, etc, the culprit conveniently could get everything it wanted from one place. And, unfortunately, that place did not have the prerequisite security controls to prevent the hack. Nor does it appear its customers had insisted on a certain level of security to prevent such hacks.
The hacker released the following totally absurd statement — reflective of our world of alternative facts. In this case, the criminal is blaming the victim for the criminal’s actions.
“It didn’t have to be this way, Netflix. You’re going to lose a lot more money in all of this than what our modest offer was … We’re quite ashamed to breathe the same air as you. We figured a pragmatic business such as yourselves [sic] would see and understand the benefits of cooperating with a reasonable and merciful entity like ourselves … And to the others: there’s still time to save yourselves. Our offer(s) are still on the table — for now.”
However, the hacker wasn’t as smart as they thought they were for two reasons. First, they foolishly picked Netflix as its first target and thought Netflix would lose a lot of money by the premature release of the first 10 episodes of the award-winning series, “Orange Is The New Black.”
Yet Netflix is commercial-free, so it won’t lose one penny in advertising revenue because its income is based on the monthly fees it charges subscribers. And Netflix does not release its audience viewing numbers so any numerical loss of audience, in certain respects, is insignificant.
Second, although Netflix initially may not get some new subscribers (who, instead of signing up due to the new season of OITNB, will watch the pirated versions), it is unlikely it will lose any of its current subscribers because the hacker failed to get the final three episodes of the 13-show series. So current Netflix subscribers are likely to stay onboard so they can see the end of the season.
And, if millions of people who currently are not subscribers to Netflix see OITNB for the first time and fall in love with the series, Netflix might actually gain subscribers due to the hack and the publicity generated by it. Thus, Netflix actually could profit from the hack as potentially new subscribers “sample” its fare, albeit quite illegally.
If the hacker had been as smart as they thinks they are, they would have issued their first threat against a commercial network, such as ABC, whose lifeblood is the advertising it sells. Commercial networks such as ABC, CBS, NBC and all the others who have programs with advertising typically pre-sell almost all their advertising weeks and even months in advance of broadcast.
Those advertising sales are based on projected audience sizes and demographics individualized for each program, with certain minimum sizes and demographics guaranteed by each network to advertisers. Depending on the advertising agreement, if a show fails to deliver the numbers promised by a network, that network has to refund a portion of the advertising revenue or find ways to “make up” for the missing audience by playing the ads elsewhere.
So, if “Grey’s Anatomy” or “MARVEL’s Agents of S.H.I.E.L.D” (two of my favorite ABC shows) were to be released prematurely by the hacker and millions of people watched the shows on a pirate website instead of on ABC, the network could lose millions of dollars in advertising revenue.
By going after Netflix first, however, the hacker picked the wrong target while simultaneously giving the FBI and other law enforcement agencies time to try to track them down as well as shut down the pirate websites. The remaining questions are, “How quickly can the hacker be identified?” and “How fast can pirate websites be shut down?”
The latter may be particularly difficult if the hacker prearranged to have a series of websites loaded with the shows so, as one is taken down, another pops up in its place. And the former is a challenge because it still is relatively easy to create a chain of IDs which are difficult to trace to the actual hacker.
Stay tuned to see how effective law enforcement and the private sector can be in addressing these challenges. There’s much more to come!