Suspect allegedly stole scripts and threatened to leak them
unless company paid a ransom
By Nicole Hong
This article is being republished as part of our daily
reproduction of WSJ.com articles that also appeared in the U.S.
print edition of The Wall Street Journal (November 22, 2017).
Federal prosecutors unsealed charges Tuesday against a hacker
linked to Iran's military, accusing him of hacking into HBO's
computer network, stealing unreleased scripts of "Game of Thrones"
and then threatening to leak them publicly unless HBO paid a
multimillion-dollar ransom.
Behzad Mesri, who is believed to be in Iran and hasn't been
arrested, was charged by the Manhattan U.S. attorney's office on
seven counts, including computer fraud, wire fraud and aggravated
identity theft.
The government said Mr. Mesri, 29 years old, is a computer
hacker in Iran who has worked on behalf of the Iranian military to
target Israeli infrastructure and nuclear software systems. He has
allegedly operated under an online hacker pseudonym of "Skote
Vahshat."
A lawyer for Mr. Mesri couldn't immediately be identified.
Joon Kim, the acting Manhattan U.S. attorney, said at a news
conference that Mr. Mesri applied the skills he learned with the
Iranian military to extort HBO for personal profit.
"Today's charges make clear that nation-states like Iran
routinely employ alleged criminals [and] mercenaries like Mesri to
conduct network attacks in America and elsewhere," Mr. Kim
said.
Mr. Kim said the government decided this was the right time to
publicize charges against Mr. Mesri, after assessing whether there
was a realistic chance of luring him outside of Iran to make an
arrest.
Since at least May, Mr. Mesri began monitoring the online
activities of HBO employees, looking for vulnerabilities in the
company's network, according to prosecutors.
Over the next couple months, Mr. Mesri compromised user accounts
that belonged to HBO employees and used them repeatedly to gain
unauthorized access and steal proprietary information from the
company, the indictment said.
Mr. Mesri allegedly stole scripts and plot summaries for unaired
episodes of the HBO's series "Game of Thrones," as well as video
files with unaired episodes of such shows as "Ballers" and "Curb
Your Enthusiasm."
He also stole financial documents, credentials for HBO's
social-media accounts and the emails of at least one HBO employee,
the indictment said.
On July 23, an anonymous email was sent to HBO employees that
included the following message: "Hi to All losers! Yes it's true!
HBO is hacked!" The email allegedly provided evidence that the
hacker had successfully stolen proprietary data from HBO, a unit of
Time Warner Inc.
Another email later that day included a threat to publicly
release the stolen data, including unaired TV episodes and scripts,
unless HBO paid a ransom of approximately $5.5 million worth of
bitcoin. The email concluded with an image of the Night King, a
character from "Game of Thrones," and said: "Good luck to HBO."
In the coming days, emails from the anonymous hacker to HBO
personnel raised the ransom to approximately $6 million worth of
bitcoin, threatened to destroy data on HBO's servers and provided a
deadline of July 29 for HBO to begin making ransom payments if it
wanted to prevent the public disclosure of stolen data.
On July 30, Mr. Mesri began leaking some stolen materials over
the internet, prosecutors said, suggesting that HBO didn't pay the
ransom. To promote the disclosures, Mr. Mesri allegedly contacted
members of the media and created a Twitter account to announce the
leaks.
A spokesman for HBO said Tuesday that the company has been
"working with law enforcement from the early stages of the cyber
incident."
In recent years, hackers have increasingly used cyber extortion
-- or stealing corporate secrets and threatening to publicize them
if the victims don't pay a ransom -- as a way to make money, with
Hollywood studios as particularly attractive targets, experts
say.
For entertainment companies, it isn't credit-card numbers at
stake in a data breach but intellectual property and loss of
business if spoilers of upcoming movies and TV shows are released
early.
There is also the potential for damaging correspondence to
become public. The hack at HBO happened almost three years after a
high-profile breach at Sony Corp., which unleashed a trove of
emails that embarrassed top executives.
During the cyber siege this summer, HBO worked with
investigators and law-enforcement agencies and alerted "Game of
Thrones" cast members, some of whom had their personal information
exposed. The company also took down the website and digital locker
used by the hacker to distribute show materials after sending
takedown notices to internet-service providers, The Wall Street
Journal previously reported.
The hack and its fallout has been a headache as HBO's parent
company, Time Warner, tries to complete its sale to AT&T Inc.
On Monday, the Justice Department filed a lawsuit to attempt to
block the $85 billion deal, a move which the companies have vowed
to fight in court.
HBO is a growth engine for Time Warner, generating $4.65 billion
in revenue in the first nine months of the year, about 21% of the
company's total revenue.
Write to Nicole Hong at nicole.hong@wsj.com
(END) Dow Jones Newswires
November 22, 2017 02:47 ET (07:47 GMT)
Copyright (c) 2017 Dow Jones & Company, Inc.
Time Warner (NYSE:TWX)
Historical Stock Chart
From Aug 2024 to Sep 2024
Time Warner (NYSE:TWX)
Historical Stock Chart
From Sep 2023 to Sep 2024