When hackers aren’t creating emergencies for companies through data theft and ransom demands, they are forcing them to be concerned about new tech vulnerabilities. Recent attacks do a good job of spiking those concerns again and hammering home the message that businesses of all sizes and activities need to remain vigilant.
Disney Hack: Hacktivist group ‘Nullbulge’ behind the attack
A hacktivist group calling itself “NullBulge” published a 1.1-TB trove of data late last week that it claimed is a dump of Disney’s internal Slack archive. Purportedly in the dump are all messages and files from almost 10,000 channels, including unreleased projects, code, images, login credentials, and links for internal websites and APIs.
They said they had obtained the data with the aid of a Disney insider, and identified the purported collaborator by name. It’s still unclear if hackers did in fact have inside help or if they could have plausibly used info-stealing malware to compromise an employee account. Disney did not confirm the breach nor return several requests for comment on the validity of the stolen data. In a statement to the Wall Street Journal, a Disney spokesperson said the company “is investigating this matter.”
The data which appears to have first surfaced Thursday morning was posted on BreachForums before it was pulled, though it remains active on mirror sites.
Disney Hack: What information were stolen?
Stolen information included IT development plans, recruitment candidates, movie and TV projects, coding work, and even, according to the Wall Street Journal, “photos of employees’ dogs.” Equally interesting to what was uploaded is the reason why the group uploaded its haul rather than the usual extortion demand.
Where is Nullbulge reportedly based?
Though Nullbulge is reportedly based in Russia, it’s an outlier in the world of ransom-seeking cyber criminals. Nullbulge describes itself as a “hacktivist” group on a mission of punishing companies it says abuse the work and copyright of artists, particularly those who use advanced technology, such as artificial intelligence, computer-generated images, among others.
That put Disney at the top of its list of accused corporate offenders. Its goal, then, wasn’t to get the Magic Kingdom to pay for the return of the data, but to give the rest of the world a peek inside how the company operates.
That’s especially true in the wake of a warning in a new Wired report, “Security researchers have long warned about corporate Slack accounts as a treasure trove for attackers if compromised.”
Statement from Roei Sherman
In an interview with Wired, Roei Sherman, the chief technology officer of IT threat detection and response specialist Mitiga Security, said those concerns will likely increase, and become only more layered as hackers further diversify their methods.
Sherman said, “Companies are getting breached all the time, especially data theft from the cloud and software-as-a-service platforms. It is just easier for attackers and holds bigger rewards.”
Disney Hack: Big AI worries
But beyond the stolen data, NullBulge’s hack spotlights a far greater issue. How AI is being used within the entertainment business. The group called out Disney’s stance toward AI, mirroring fears blasted by actors’ unions and writers’ guilds in recent contract negotiations.
Actors are worried about being replaced by the group of CGI characters, and writers are scared of losing their jobs to AI writing scripts. The negative impact of AI in the entertainment industry has been felt elsewhere also.
The Hollywood Actors struck last year over fears of AI taking their jobs and the cheapening down of quality when it came to visual effects that were placed within movies and television. This Disney incident is likely to fuel these discussions further with questions being asked about creative jobs in the future when AI technology is rapidly improving.
Conclusion
The breach into Disney’s Slack account is just another reminder of the type of threat that constantly hovers over our world. That being said, this particular incident places importance on the necessity of strong cybersecurity measures and the monitoring required to protect information sources. As Disney continues to dig deep and resolve this breach, organizations of all sizes should take this opportunity to review their security protocols.
Proactive measures in staff training and frequent upgrades to the system can help massively in reducing the occurrence of such breaches. Currently, in terms of event timing, customers and corporations must be awake and duly protect their online footprints from an evolving set of cyber threats.