When a hacking group recently set its sights on Hollywood, the more wizened in the industry were apt to respond, so what’s new?
Hacking — whether for the purpose of obtaining movie scripts, racy photos of tabloid darlings or merely for publicity — certainly predated Hollywood Leaks, the group’s vowed to target high-profile figures and creative types to wreak havoc on the business.
What may be different is their means; what should be different is the response.
Hollywood Leaks has been breaking into celebrity email accounts and other “protected” destinations and posting private photos and cellphone numbers online. The result is a hodgepodge of TMZ-esque information, like nude photos of rapper Kreayshawn, private photos of Julianne Hough, the script for the upcoming musical “Rock of Ages,” and cellphone numbers of young Hollywood celebrities. After announcing on Twitter two weeks ago their intention to create “carnage,” their work has hardly brought the industry to a halt, but they promise more.
The response from the victims has been varied, but Kreayshawn called them “anti-Hollywood extremists,” which is just the kind of attention that hacking groups crave.
“The first way to think about this targeting of celebrities and people who are high profile is that it is not a new thing in the hacking community,” said Hemanshu “Hemu” Nigam, founder of SSP Blue, who has led security efforts at News Corp. and Microsoft and now advises the industry. “One of the things they love is attention, attention, attention. But lately it has gone mainstream. The media is constantly covering any hacking out there. What is different is that now they are announcing their own intentions.” The evolution in hacking means that studios’ attention “now needs to turn to not just theft for piracy reasons but hacking attacks for the sake of attacking,” he said.
In June, Sony Pictures Entertainment suffered a massive hacking attack of user account information. PBS’ site got hacked in May just as it was airing a “Frontline” documentary on WikiLeaks. Hacking group LulzSec claimed credit for both.
While studio security has grown more sophisticated, individuals, even celebrities, are often much more vulnerable. A celebrity may think that they have all the protection they need with the team of agents, managers, publicists and others, when in fact their presence in cyberspace gets short shrift.
Unlike other groups, Nigam notes, hackers like Hollywood Leaks don’t appear to have political motives; they’re in it purely for the publicity.
“A lot of them do this for the bragging rights, to show that they are the fastest hacker in the West,” said Parry Aftab, a lawyer specializing in privacy and Internet security who is managing director of WiredTrust. “They do it for fun.”
When Warner Bros. was making “Batman and Robin” in the 1990s, someone got on set, camcorded footage and sold it to one of the evening tabloid shows. When an arrest was made, the studio responded by holding a press conference.
Such public pronouncements today are more likely to be a dare than a deterrent. “Discretion is the better part of security when it comes to these things,” Aftab said. Like Nigam, she instructs clients on steps to take to prevent attacks — or at least mitigate the damage. For example, “kill switches” can erase contents of PDAs. Or it can be as simple as not making your passwords so personal.
Her rule, whether for kids being cyberbullied or celebrities with Twitter feeds under attack, is to “stop, block and tell someone” who can help take quick action, but “do not respond and do not feed the troll.”
In a business of easily bruised egos and thin skins, the other rule should be to not take it personally. “Whether (the hackers) like them or not has nothing to do with it,” Aftab said. “It really is about how famous they are, and what they will do to get the bragging rights to take them down.”