Header graphic for print
Steptoe Cyberblog

Hacking Hollywood

Posted in China, Cybersecurity and Cyberwar, Data Breach, International, Security Programs & Policies

That might sound like breaking news from 1983, but this time we’re not talking movie plots, we’re talking business. Specifically how Chinese cyberespionage could affect Hollywood’s bottom line. The Hollywood Reporter asked me to talk about that impact in a guest column, out this week. Here’s some of what I said:

Hollywood might be blinded by its own product. China’s cyberspies aren’t intrepid Jolt-drinking loners (with an occasional adoring girlfriend) navigating dangerous networks to snatch secrets and flee before they’re geo-located by their opponent’s giant global tracking system.

No, the hacking campaigns described by Mandiant and others have all the flash and derring-do of your latest trip to the dry cleaners. …

It’s routine. So routine, in fact, that most of the hacking is done between 8 a.m. and 5 p.m. Beijing time. …

Hollywood might not have big secrets, but it’s got plenty of little secrets that someone in China probably wants. No government on Earth is more sensitive to its depiction in mass media than China’s. Why wouldn’t its government want to read the earliest versions of Hollywood’s scripts or have a ringside seat while studio execs debate how best to accommodate Chinese censors?

And don’t rule out what might be called crony espionage, either. Any company that has juice with the central government is a candidate for the cheapest form of state aid: free access to the secrets of their competitors and joint-venture partners. China is an enormous market, with the potential for great profits. But if the other side knows just how hungry the studios are — by reading their internal communications — the studios won’t leave the table with more than crumbs. Once you know the other side’s bottom line, it’s amazing how good a negotiator you can be.

Disputes that arise after the deal is done can be handled the same way. People who sue Chinese companies, along with their lawyers, are targeted by hackers. When security researchers are asked how many of the 100 largest U.S. law firms have been compromised by China, estimates range from 80 to, well, 100.

As for corruption, there’s no more sensitive topic in China. If a Western company is under investigation for paying bribes to Chinese officials, as many entertainment companies are now rumored to be, it’s safe to assume that the Chinese government will want to know — ahead of time — what the company is planning to tell the U.S. Securities and Exchange Commission.