Latest Sony Hack is Some Serious Shit

Tuckerfan · Dec 4, 2014

Remember last year when Sony was getting hacked on a seemingly daily basis? This time someone, possibly North Korea, went after Sony Pictures, and not only did the hackers dump unreleased movies on to the net, but gigabytes of personal information.

All sides agree that the cyberattack against Sony is unprecedented in its personal nature and maliciously destructive scope, an attack not intended to enrich anyone or gather any sort of corporate or financial intelligence but specifically to humiliate and harm a specific multinational company—a truly massive crime.

The extent of the Sony breach continues to be revealed even a week after it first struck, but so far the company’s losses involve the theft and leaking of 11 terabytes of data that includes several unreleased films and a litany of internal company documents. Employee salaries and Social Security numbers, sensitive email attachments, and even a file purporting to be a list of grievances about work conditions at the company. In addition, an FBI memo leaked exclusively to Bloomberg Politics issued to subscribers of its Liaison Alert System email list this week indicated the attack also involves malware that destroys files and renders entire computer systems permanently damaged.

“Destructive malware used by unknown computer network exploitation (CNE) operators has been identified,” the alert warns. “This malware has the capability to overwrite a victim host’s master boot record (MBR) and all data files. The overwriting of the data files will make it extremely difficult and costly, if not impossible, to recover the data using standard forensic methods.”

The memo also includes computer code to watch out for, suggesting the FBI fears the form of the Sony attack could be replicated against other entities.

“We normally see hacks that steal information, but this is a destruction—they actually destroy files—and that’s very rare,” said Richard A. Clarke, former top cybersecurity adviser to Presidents Bill Clinton and George W. Bush. “They destroy revenue by leaking movies haven’t been released and putting them on the pirate market. They destroy Sony’s reputation with the internal documents. It’s a very smart and destructive attack. I can’t remember seeing that happen before in the United States.”
Click to expand...

There's more, and no one's really certain who's behind it. According to one tech podcast I listen to, the FBI has seized many of the infected PCs and told Sony to destroy the other PCs, and to not connect them to the internet.

Whomever did it, even if you assume that this division of Sony was as lax on security as the Playstation division, has some serious skills. Imagine what would happen if they had done this kind of attack on an electric company, or other critical infrastructure system. Hopefully, every other major corporation/industry is reevaluating their computer systems in the wake of this attack. I won't be surprised, however, if a few more businesses or government agencies get hit with this kind of attack before some real thought is put into better hardening computer systems.

Diacanu · Dec 4, 2014

Said it before, the next 9/11 will be cyber.

Bickendan · Dec 5, 2014

http://gizmodo.com/sony-kept-thousa...medium=referral&utm_source=pulsenewspulsenews

Diacanu · Dec 5, 2014

Bickendan said: ↑

http://gizmodo.com/sony-kept-thousa...medium=referral&utm_source=pulsenewspulsenews

Click to expand...

Tuckerfan · Dec 5, 2014

Bickendan said: ↑

http://gizmodo.com/sony-kept-thousa...medium=referral&utm_source=pulsenewspulsenews

Click to expand...

Its like Sony accepted an invitation to go camping with Roman Polanski, Bill Cosby, and a roofie salesman.

Remember this incident when people try to claim that a corporation would never do something which sabotaged their operations.

Dinner · Dec 6, 2014

You just know one of them will end up roofied and butt fucked before the night is done.

Amaris · Dec 6, 2014

I think Dicky is right. I posted this before, but this is a real time map of active attacks between various countries. You'll notice where most of it originates:

http://map.ipviking.com/

Captain X · Dec 6, 2014

Don't know why, but it make me think of this case.

Tuckerfan · Dec 6, 2014

Maybe we're looking at this all wrong. Kenya, no doubt with help from the US, just took down a major Chinese hacking operation.

Kenyan police say they have cracked a cyber crime centre run by 77 Chinese nationals from upmarket homes in the capital, Nairobi.

Police believe they were involved in hacking and money laundering. The group has been remanded in custody for five days to allow for further investigations.

The foreign ministry summoned a Chinese diplomat to discuss the arrests.

A Chinese official said the embassy was co-operating with investigations.

It was checking the passports of the suspects to see whether they were, in fact, Chinese nationals, the official told the BBC on condition of anonymity.
'Military-style dormitories'

Police raids were triggered by a fire on Sunday at a home in Nairobi's Rhunda estate in which one person died.

"Preliminary findings show the fire was caused by one of the servers they were illegally operating," the director of Kenya's Criminal Investigations Department, Ndegwa Muhoro, told the privately owned Standard newspaper.

Numerous telephone headsets, computers linked to high-speed internet and monitors were found.

"The suspects are being interrogated to establish their mission in the country and what they wanted to do with the communication gadgets," Mr Muhoro is quoted by AFP news agency as saying.

The charges against the 77 so far include "being in the country illegally and operating radio equipment" without the necessary permits, AFP quotes an unnamed source as saying.

The suspects had been living in "military-style dormitories", and Chinese officials were shocked by the revelations, the Standard reports.
Click to expand...

(more at the link)

That sounds more like a Chinese military operation than it does an organized crime one. But why would China have a bone to pick with Sony? Well, Sony is a Japanese corporation, and China and Japan haven't exactly been getting along with one another.

Last month, the leaders of Asia’s two largest economies finally met in a bid to end a diplomatic deep freeze that has shut down political ties and even sparked talk of war.
But the body language for the ice-breaking photo op between China’s president and Japan’s prime minister was telling: Xi Jinping, silent as a Sphinx in front of a clearly uncomfortable Shinzo Abe.
The encounter follows months of backchannel negotiations to find a formula that would allow both sides to talk without losing face. Two former Japanese prime ministers visited Beijing to lay the groundwork.
Click to expand...

(more at that link, as well)

Now, consider this: Neither Japan and China are going to want to start a shooting war over those islands, but its pretty clear both of them want to maintain control over the islands. Sony, in addition to being an electronics and entertainment giant, is also one of the largest insurance companies in Asia. No doubt the insurance policies the entertainment division use are handled by the insurance division. The computer systems will be connected in some manner, and going directly after the insurance division will almost certainly point people towards China (if not the government, then the organized gangs who're increasingly moving into cyber-crime), but if you attack the entertainment division which just happens to be releasing a movie that North Korea doesn't like, then attention is going to be pointed in their direction, and not yours.

Apparently, some, but not all of Sony's computers were hit with malware which destroyed both files and hardware. If those machines were used as injection points to the insurance company's systems, destroying the files and hardware would make it difficult for this to be discovered. Once inside the insurance divisions systems, the Chinese government would have access to data which would enable them to engage in economic warfare against Japan. Clever, doncha think?

gturner · Dec 6, 2014

VOA news says North Korea is a suspect

Later this month, Sony Pictures plans to release a comedy film called The Interview. It tells about an imaginary plot against North Korean leader Kim Jong Un. Since the attack, many people are wondering if North Korea was responsible for hacking into the computers.

North Korean officials have denounced the movie and promised to “mercilessly destroy” anyone connected to it. The film stars actors Seth Rogen and James Franco. The U.S. Central Intelligence Agency asks for their help in a plot against the life of North Korean leader Kim Jong Un.

More at the link.

Tuckerfan · Dec 6, 2014

gturner said: ↑

VOA news says North Korea is a suspect
Click to expand...

No shit, sherlock. It was mentioned in the OP.

Tuckerfan · Dec 6, 2014

Diacanu said: ↑

Said it before, the next 9/11 will be cyber.
Click to expand...

Having just watched the first episode of Black Mirror (its on Netflix), I have to say that's not terribly imaginative. (A terrorist kidnaps a British princess and threatens to kill her unless the Prime Minister has sex with a pig on live TV.) It doesn't sound as dramatic as a cyber 9/11, I'll admit, but watch the episode, and you'll see that something like that has the possibility of being even more disrupting.

TheBurgerKing · Dec 7, 2014

gturner said: ↑

North Korean officials have denounced the movie and promised to “mercilessly destroy” anyone connected to it. The film stars actors Seth Rogen and James Franco.
Click to expand...

Let them.

Tuckerfan · Dec 8, 2014

http://www.cnet.com/uk/news/sony-hacked-again-this-time-the-playstation-store/

Bickendan · Dec 8, 2014

RickDeckard · Dec 8, 2014

I really don't think that North Korea would have the capability to do this.

Tuckerfan · Dec 8, 2014

RickDeckard said: ↑

I really don't think that North Korea would have the capability to do this.
Click to expand...

Meet Bureau 121.

In an interesting feature published Friday, Reuters reveals the existence of a North Korean cell called Bureau 121. The most talented computer experts in the country are recruited into the unit, which is part of the General Bureau of Reconnaissance, Reuters reported, citing defectors from the state. The bureau focuses on spying -- going far beyond reliance on human snitching to maintain control -- and dedicates itself to the surveillance of foreign powers.

The agency is also involved in state-sponsored hacking, ordered by the Pyongyang government to sabotage enemies, according to Reuters' sources.

One only has to scan the website of the DPRK, the state-run official news agency of North Korea, to see potential targets.

Technically still in a state of war with the north, South Korea is often a target of the country's attacks. However, North Korea has also made no secret of its hatred of the United States, and so the country has come under suspicion for the recent attack on Sony's networks.

Sony's internal systems were hacked last month, which resulted in sensitive data belonging to employees and contractors being leaked online. From passport photocopies to passwords and internal audit documents, more and more damage is being revealed every day.
Click to expand...

Two words: Neely O'Hara.

Via Roose, here are a bunch of dumb fake names for people like Tom Hanks, Natalie Portman, Daniel Craig and Jude Law (and Rob Schenider):

Sarah Michelle Gellar: goes by "Neely O'Hara"
Click to expand...

Tuckerfan · Dec 10, 2014

In the second half of this podcast, they spend time talking, in great detail, about the Sony hack. It turns out that something like 11 terabytes worth of data was stolen from Sony. Honestly, I don't see how Sony is going to stay in business after this. We have only the barest of idea of what the hackers got, and Sony's going to have to rebuild their entire IT infrastructure from scratch. Were I an exec at Sony, seppuku would like a good career move at this point.

Tuckerfan · Dec 11, 2014

A Sony employee speaks out.

I don't doubt that the hackers are talented and there is every chance that they would have broken in with great security, but it's more than a little bothersome to those of us with brains in our skulls that upper management tried hard right out of the gate to avoid any potential for legal ramification. The words "civil suit" are being whispered around the lot like the name Voldemort.
Click to expand...

And the latest leak of emails shows why Sony should be burned to the ground.

Emails Show Sony Planning a Jump Street/MIB Crossover Cause Why Not

In a world that gave birth to seven Saw movies and roughly 47 iterations of The Fast and the Furious, we should have seen this coming. According to leaked Sony exec emails, a Jump Street/Men in Black crossover will be playing in movie theaters everywhere this summer. God help us all.

No, not 23 Jump Street like we all thought, but MIB Jump Street. This is a real thing. A real thing that very powerful people want to make happen and are willing to pay millions of actual, legal American dollars for. Jonah Hill could not be more thrilled.
Click to expand...

More at the link.

Zombie · Dec 11, 2014

Jump Street/MIB Crossover ?

Yeah Sony needs killing just for that idea.

And I've been reading up on some of these leaked emails. Not the emails themselves but what's been reported. Emails about people and their medical information. Detailed medical information on them and their families and their insurance problems. So detailed as to include names, SSN, costs and medical procedures being fought over.

And that's just what the hackers have released at this point. There is no telling what other dirt they've got.

Zombie · Dec 11, 2014

Oh wow was just reading this......

http://www.cnet.com/news/fbi-official-calls-sony-attackers-organized-persistent/

"[T]he malware that was used would have gotten past 90 percent of the Net defenses that are out there today in private industry and [would have been] likely to challenge even state government," said Joe Demarest, assistant director of the Federal Bureau of Investigation's cyberdivision. His comments were officially confirmed later by the FBI.

A group calling itself the Guardians of Peace breached Sony Pictures' computer systems on November 24. The group leaked financial documents, unreleased movies, confidential information about employees and celebrities, and details on the internal workings of Sony's computer security department. It also destroyed Sony's computer hard drives.

Circumstantial evidence had indicated North Korea could be behind the cyberattack, including similarities in the malware used by North Korea against South Korean media companies and banks in 2013.
Click to expand...

Yeah I'm starting to believe it was North Korea.

Archangel · Dec 11, 2014

The one thing that has me curious is the "stolen" movie slate.

1 block buster already in theaters...

4 movies no one really cares about...

I just find that odd.

Zombie · Dec 11, 2014

Who knows how many other movies they have. Hell with 11 terabytes the hackers might still be sifting through everything.

Archangel · Dec 11, 2014

Just one thought is...it could be VERY profitable to extort money out of Sony to not dump those on the internet.

Zombie · Dec 11, 2014

Archangel said: ↑

Just one thought is...it could be VERY profitable to extort money out of Sony to not dump those on the internet.
Click to expand...

Problem is that the hackers have already leaked and there is no way Sony could trust them to not leak after paying them.

Dinner · Dec 11, 2014

Tuckerfan said: ↑

http://www.cnet.com/uk/news/sony-hacked-again-this-time-the-playstation-store/
Click to expand...

The north Koreans really don't like Sony, huh?

Dinner · Dec 12, 2014

Tuckerfan said: ↑

In the second half of this podcast, they spend time talking, in great detail, about the Sony hack. It turns out that something like 11 terabytes worth of data was stolen from Sony. Honestly, I don't see how Sony is going to stay in business after this. We have only the barest of idea of what the hackers got, and Sony's going to have to rebuild their entire IT infrastructure from scratch. Were I an exec at Sony, seppuku would like a good career move at this point.
Click to expand...

Sony has so many billions in intellectual properity they are not going out of business any time soon though they no doubt will need a whole new IT department and hardware/software set up. Just imagine how many back doors and trojans the North Koreans slipped in there.

Zombie · Dec 12, 2014

If Sony, the movie studio, had any brains they would have disconnected every single computer they own from the internet.

Zombie · Dec 12, 2014

Reading some more but I keep seeing 100 terrabytes worth of stuff stolen. Good lord if that's true........

Diacanu · Dec 12, 2014

Zombie said: ↑

Reading some more but I keep seeing 100 terrabytes worth of stuff stolen. Good lord if that's true........
Click to expand...

...they've got a damned good internet connection.
I'm pacing back and forth, and swearing at the screen trying to get a stupid gigabyte through my fuggin' DSL.

Log in or Sign up

Latest Sony Hack is Some Serious Shit

Tuckerfan BMF

Diacanu Comicmike. Writer

Bickendan Custom Title Administrator Faceless Mook Writer

Diacanu Comicmike. Writer

Tuckerfan BMF

Dinner 2012 & 2014 Master Prognosticator

Amaris Guest

Captain X Responsible cookie control

Tuckerfan BMF

gturner Banned

Tuckerfan BMF

Tuckerfan BMF

TheBurgerKing The Monarch of Flavor

Tuckerfan BMF

Bickendan Custom Title Administrator Faceless Mook Writer

RickDeckard Socialist

Tuckerfan BMF

Tuckerfan BMF

Tuckerfan BMF

Zombie dead and loving it

Zombie dead and loving it

Archangel Primus Peritia

Zombie dead and loving it

Archangel Primus Peritia

Zombie dead and loving it

Dinner 2012 & 2014 Master Prognosticator

Dinner 2012 & 2014 Master Prognosticator

Zombie dead and loving it

Zombie dead and loving it

Diacanu Comicmike. Writer

Log in or Sign up

Latest Sony Hack is Some Serious Shit

Tuckerfan BMF

Diacanu Comicmike. Writer

Bickendan Custom Title Administrator Faceless Mook Writer

Diacanu Comicmike. Writer

Tuckerfan BMF

Dinner 2012 & 2014 Master Prognosticator

Amaris Guest

Captain X Responsible cookie control

Tuckerfan BMF

gturner Banned

Tuckerfan BMF

Tuckerfan BMF

TheBurgerKing The Monarch of Flavor

Tuckerfan BMF

Bickendan Custom Title Administrator Faceless Mook Writer

RickDeckard Socialist

Tuckerfan BMF

Tuckerfan BMF

Tuckerfan BMF

Zombie dead and loving it

Zombie dead and loving it

Archangel Primus Peritia

Zombie dead and loving it

Archangel Primus Peritia

Zombie dead and loving it

Dinner 2012 & 2014 Master Prognosticator

Dinner 2012 & 2014 Master Prognosticator

Zombie dead and loving it

Zombie dead and loving it

Diacanu Comicmike. Writer

Useful Searches