Hacking the Met.
N2K logoDec 12, 2022

The Metropolitan Opera House in New York City fell victim to a cyberattack disclosed last week.

Hacking the Met.

The Metropolitan Opera in New York has sustained a cyberattack that shut down the opera house’s website and box office.

The show must go on at the Metropolitan Opera.

The Record reports that the attack was disclosed by the opera house on Wednesday evening. A Twitter post from the @/MetOpera account on Wednesday says “The Met has experienced a cyberattack that has temporarily impacted our network systems, which include our website, box office, and call center. All performances will take place as scheduled.” The Twitter thread continues on to say that new ticket orders, exchanges, and refunds are unable to be processed, and directs you to the opera house’s site for updates. ABC7 reported that as of Friday, tickets are being sold on the Lincoln Center website and in person at David Geffen Hall. The FBI is also investigating.

Similarities between the attack on the Met and the WordFly incident.

SC Magazine reports that this attack follows an attack on WordFly in July that victimized cultural organizations, including the Royal Shakespeare Company, Sydney Dance Company, and the U.K.'s Old Vic Theatre. WordFly, the Record reports, was a provider of digital marketing services for a range of cultural organizations around the world.

Expert commentary on the Met’s hacking incident.

Will LaSala, Field CTO at OneSpan, discusses this attack in relation to DDoS attacks:

"These types of cyberattacks are happening more frequently than ever. We saw similar attacks against airports in October, which crippled flight travel in the US. These attacks are known as Distributed Denial of Service (DDoS) attacks. Hackers leverage computers that are connected to the internet and infected with malware to send massive amounts of requests, hoping to overwhelm and crash a victim’s site. This has been done for payment or even to impact the reputation of opposing political views. Unfortunately, as organizations become more digital, these types of attacks can become more invasive and can lead to other style attacks. The key to resolving these attacks is to ensure that any site infrastructure is geographically and logically redundant and can dynamically scale to increase, but not break. This is crucial as hackers look for such tipping points where it becomes too costly for organizations to handle spikes as large as some of these attacks.

“As these DDoS attacks focus on causing havoc with the victim’s site, additional attacks often spring up to cause further damage. Social engineering attacks look for these exact types of news stories so that they can use it to encourage a customer to act quickly and avoid the massive attacks that are happening - convincing users to hand over authentication and identity credentials. This calls for mechanisms that verify transactions and members of any organization, that offer guidance on what could happen in an emergency like this. This includes explicitly educating users that they will never be asked for authentication credentials for any reason, especially during a hacking event or when the company's site is unavailable. Technology can help make this easier as well, with new connected authentication and verification devices. These devices prevent the customer from being able to give away credentials by leveraging Fast ID Online (FIDO). They can also present the customer with details of the transaction directly on the secure screen of the device, ensuring transaction details come directly from the business and are not manipulated while the transaction is being transmitted back and forth. Advanced identity verification systems can also help businesses with detecting when synthetic identities are being used to conduct business. Combining such technologies and education before a crisis hits, will ultimately ensure the digital world is more secure."