Toronto Film Fest Ups Cybersecurity Over New Hacking Threat

Toronto Film Fest Ramping Up Cybersecurity - Illustration by Katie Carey -H 2017
llustration by Katie Carey

After the disruption of Sundance, culture events like TIFF are now on high alert for attacks possibly motivated by "a personal or political grudge."

Following the January cyberattack that brought down Sundance's box office and crippled Park City Wi-Fi access for several days, Toronto organizers are facing the grim reality that festivals have become just as attractive a target as studios and networks.

"Think of all the possible motivations for people bringing down a festival," says Tim Toohey, who heads the cybersecurity practice at Hollywood law firm Greenberg Glusker. "They could want to get access to the intellectual property. They may have a personal or political grudge."

Toronto Film Festival organizers wouldn't divulge exact details of its cybersecurity, but they say the fest will continue to adapt to evolving threats. "Our IT team has worked on improving protocols around online security, including consulting with other international festivals that have experienced challenges in this area," a TIFF spokesperson tells THR.

In the case of Sundance, the FBI jumped in after the festival was hit by multiple attacks that targeted its box office and IT infrastructure. Simultaneously, Sundance was hit with widespread Wi-Fi outages. Though the two events never were publicly revealed to be connected, sources say they were.

At the time, everyone from Vladimir Putin to China's Communist Party was fingered as suspects (the Sundance lineup included docs critical of the Russian government and fare certain to anger China). But a knowledgeable source says the attack likely was carried out by a pro-Donald Trump local, given that the worst outages took place on the same day that thousands marched on Main Street in protest of the new president.

Ultimately, TIFF will need to treat its firewall with as much caution as its red carpet. As with physical threats, however, there is only so much that can be done.

Says Toohey, "There are limitations to what you can do in terms of preventing a DDoS attack [which floods the bandwidth or resources of a targeted server] if there is enough firepower from the other side."

This story first appeared in the Sept. 6 issue of The Hollywood Reporter magazine. To receive the magazine, click here to subscribe.