Growing anger in the struggling visual effects community is raising concerns that some of its more extreme members could mount a cyber attack against a major vfx facility with the intention of damaging digital assets for one or more upcoming studio tentpoles.
At present, the evidence that such an offensive is in the works is slim but significant enough to prompt rumblings among vfx insiders regarding specific plans being in the offing.
If successful, a cyber attack that damaged or destroyed vfx assets could set back production by months, cost each pic affected tens of millions of dollars, and wreak havoc with release dates. Any vfx company that lost its studio assets would probably be out of business in short order, as it would never again be trusted with studio work.
Even an attack that only disrupted a company’s internal network could slow production and add costs.
Variety contacted six major visual effects studios. Half declined comment and the others said they were unaware of any such specific threat. Some said that while they had not previously increased security, they would do so now.
The circumstances that would precipitate an attack aren’t difficult to divine. Some of the most aggrieved members of the vfx community are the same people who designed the inner workings of vfx houses, including render servers, composite pipelines and back-up systems.
Popular on Variety
Many visual effects workers are furious at the crisis besetting their industry and feel the majors are making millions from vfx-driven tentpoles while the artists who work on those pics put in arduous hours without health care coverage, retirement plans or job security. The immediate provocation, however, is said to be a string of real and perceived slights during Sunday’s Academy Awards ceremony, which provoked a torrent of fresh outrage vfx artists worldwide.
Vfx workers took to the streets with their protests on Sunday with a demonstration staged at the intersection of Hollywood and Vine, down the road from the Dolby Theater at Hollywood and Highland where the Oscars were staged.
David Rand, an organizer of Sunday’s protest, decried the idea of a cyber attack.
“I’m personally against that because a lot of the shops they’d be attacking are victims themselves,” he said. “But I’m not in favor of an attack on the studios, either. That’s not what we want to do, we want to show them a better way to work.”
One visual effects studio topper, who asked not to be identified due to fear of retaliation by hackers, the called the notion of a cyber attack “misplaced aggression.”
“The companies are suffering too,” he said. “There’s no single common enemy. We keep hearing about the evil studios, but it’s way deeper. It’s procurement practices, it’s subsidies, it’s globalization, it’s over-saturation of the marketplace, it’s underbidding. This terrorism, if were to happen, would hurt the very people it’s meant to help. Everybody suffers. I find it despicable. It’s the wrong way to do this.”
In a statement, the Visual Effects Society said: “While we understand and sympathize with the frustrations out there we cannot condone that kind of action.”
Security at visual effects studios is a major concern for the majors, who conduct regular audits at facilities where their tentpole pics are made. On one Warner Bros. movie, security measures at the vfx studio’s London HQ included all work on the pic being contained to a single floor, with only authorized artists given access to that floor, and a separate network for that picture, air-gapped from the rest of the company network.
Vfx companies commonly disconnect their production networks from the Internet, so artists who want email and web access must use a separate computer and network. However as more and more companies rely on offshoring and outsourcing, they have come to rely on data networks for sharing and reviewing digital assets over vast distances. People who helped design and build the infrastructure would know of any “back doors” or vulnerable spots, both human and electronic.
Vfx pros confirmed such an attack is possible. Former Digital Domain topper Scott Ross recalled that during a feud between DD and Warner Digital in the 1990s, DD staffers created a T-shirt that had a shrunken head of Bugs Bunny on the front and some Unix code on the back. “The code turned out to be instructions to bring down a network and wipe everything on it,” said Ross. “I checked with my computer scientists and they said it was absolutely possible.”
Previous cyber attacks on showbiz sites include an April 2012 attack on Sony’s PlayStation Network and a June 2011 attack on a German anti-piracy site. If there is a precedent for a cyber attack on a digital production facility, it has not been made public.