Sony Pictures Computer Systems Shut Down After Ransomware Hack
MojoKid writes: It appears that Sony Pictures has become the victim of a massive ransomware hack, which has resulted in the company basically shutting down its IT infrastructure. According to an unnamed source, every computer in Sony's New York Office, and every Sony Pictures office across the nation, bears an image from the hacker with the headline "Hacked By #GOP" which is then followed by a warning. The hacker, or group, claims to have obtained corporate secrets and has threatened to reveal those secrets if Sony doesn't meet their demands.
Re: (Score:1)
They should have used something proprietary. Maybe an ATRAC or MagicGate algorithm? ;)
Re: (Score:1)
Oh come on. That's hardly a proof.
Re: (Score:1)
Someday I shall have the privilege of modding up one of these... but not today, alas.
Re: (Score:2)
One can only hope it hits the right people. Those fucking idiots who demand we open the network to the "bring your device from home" crowd.
Remember when your network admin told you that it is a stupid idea - well here you go.
Re: (Score:1)
Yes, something went wrong so it must be because of my pet peeve. Clearly all the evidence points to this being an infection caught off a dodgy iPad. *facepalm*
Re: (Score:2)
all the evidence points to this being an infection caught off a dodgy iPad.
I KNEW IT!
Told you so.
Re: (Score:2)
No, you blamed BYOD, which remains to be seen. I take it you've never seen a corporate iPad? I assure you they exist & while they can be infected just like corporate laptops can, it happens a lot less often...
Re: (Score:2)
No he didn't, Skylinux did.
Re: (Score:2)
What if I told you this "ransom ware" attack was caused by network admins who were logged in as DOMAIN ADMINISTRATORS? Ransomware is usually the result of poor security practices by admins adding DOMAIN ADMIN to their groups in group policy. So, infect one DOMAIN ADMIN and ransomware is off and running through the entire network, encrypting and trashing as it goes. With ransomware the worst a nonadmin user can do is take out their own files, but infect an account with DOMAIN ADMIN and you can take out a
Re: (Score:3)
It's more likely domain admins that didn't apply MS14-068.
Re: (Score:2)
"Clever is easy, simple is hard."
I'm stealing this; I hope you don't mind. (o:
Re: (Score:2)
What if I said it was much more likely that they weren't domain admins, but merely members of groups that had rights over local workstations -- like, you know, like every person in every field-service/desktop-support group in every major company is.
The right to install software is granted to field-service level staff in nearly every major company, and that doesn't make you a domain admin.
Re: (Score:2)
We run with two accounts one for normal use and one for software installation (admin/root). In my opinion, it is bad practice to run any machine LINUX, MAC, or WINDOWS logged in as admin/root. Having to type a username/password into sudo or the windows/mac popup is minor compared to software "accidentally" getting installed. :)
Hey I heard from some guy that hates BYOD that SONY was taken down by an infected iPad. It had nothing to do with that last Microsoft patch that Sony didn't apply.
Re: (Score:2)
Don't you hate it when people disagree with your blind, error filled assertions? I bet you wanted to print this post off and show it to your boss and say, "SEE, LOOK, IT'S THOSE PEOPLE WITH BYOD!" when in reality YOU, Mr. Site Admin are the biggest security threat to your organization.
I was at least expecting you to lie and respond, "I am not logged in as DOMAIN ADMIN."
On a serious note, I would strongly suggest you look at your team's security practices before you end up in the same shape as SONY. Ransom
Re: (Score:2)
One can only hope it hits the right people. Those fucking idiots who demand we open the network to the "bring your device from home" crowd.
Remember when your network admin told you that it is a stupid idea - well here you go.
Remember when your network admin couldn't figure out how to segregate the wifi network, or set up mobile device policies in exchange? Well here you go.
Re: (Score:2)
A car? Why would anyone get a car because of this?
Re: Who is going to get the pink slip (Score:1)
Re: (Score:2)
No, they will get a corner office.
Congratulations... (Score:1)
#GOP has just become a top-10 target for US Offensive cyber-operations...
Re: (Score:2)
Maybe, but the writing in the warning seems to come from someone who speaks English as a second language.
It read like person that not know what are articles.
Re: (Score:2)
so, British?
Dear Sony, I am delighted! (Score:5, Insightful)
Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"
I shall be wearing the smile today, all day.
Re: (Score:2)
[haha.jpg]
Re: (Score:3)
Maybe not the Sony Music rootkit but they have forced various bits of intrusive DRM on us over the years.
So yes, there's a certain irony in their systems getting infected when for years they've been infecting the systems of others.
Re: (Score:2)
It's Karma.
Not instant, like their rice....it's slow cooked Karma....
With a side of Sony baloney.
Re: (Score:1, Insightful)
Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"
Not bad bringing up something that happened in 2005 with the scandal having impact to 2007. Yes Sony BMG was IMHO stupid to put what is called a "root-kit" on a PC running a Microsoft OS. Although that root-kit was benign and Anti-virus firm F-Secure concurred, [wikipedia.org] "Although the software isn't directly malicious, the used rootkit hiding techniques are exactly the same used by malicious software to hide themselves". This is not to say that this absolves Sony BMG however the finger of blame should also point at A
Re: (Score:2, Interesting)
It borked CD-drivers, CD burning software and DVD player software.
Often with BSOD's as a result.
People replaced CD-drives thinking they were broken.
Only to find that the new drive was borked from the start too.
You call that benign?
Oh... Before I forget. Sony was a share-holder in F-Secure at the time.
No wonder F-Secure tried to put it in as good a light as possible.
Re: (Score:2)
Many pieces of malware are far more benign than that, and yet people have gone to jail for writing them...
Re: (Score:3)
Not bad bringing up something that happened in 2005 with the scandal having impact to 2007.
I'd have thought that 10 years would have been quite long enough for Sony to have gotten around to saying sorry. I guess it must have slipped their minds...
Re: (Score:3)
Seriously, are people still on about this?
The root kit scandal was a case of corporate ham-fisted ignorance dabbling in something they knew too little about. A ransomware attack on a different arm of the company, 9 years later, affecting people who had absolutely nothing to do with the root kit, is a criminal act.
If you're wearing a smile because of this you have very strange ideas about what's morally right, and really should be finding something more positive in life to make you happy.
Re: (Score:2)
The root kit scandal was a case of corporate ham-fisted ignorance dabbling in something they knew too little about.
True.
However the corporation was culpably stupid in dabbling before they knew what they were getting into. A corporation the size of any of Sony's divisions has enough resources to figure out the consequences of their actions before they make their decisions. There is no excuse for implementing a strategy in ignorance of its impact on customer/clients (or the indirect impact on shareholders, for that matter).
I am, and you are too, much safer dealing with criminals who know what they are doing than dealing
Re: (Score:2)
every officer of the company needs to do the honorable thing and leave the company, leave the industry, and get a job more suited to their ethical and strategic skill set. Like flipping burgers, or arranging the sushi on the platter.
Are you sure these are appropriate jobs for Sonyscum? Personally, I wouldn't want to eat burgers laced with exlax, or sushi caught from the waters next to Fukushima...
Re: Dear Sony, I am delighted! (Score:4, Interesting)
I work for Sony Pictures on projects as a sound designer from time to time, I wasn't there yesterday.
Sony Pictures is an almost completely distinct operation from "Sony." The studio itself is just the old Columbia Pictures, that Sony bought in 1990. The lot itself was the old MGM/Lorimar lot-- all the long-time staff at Sony are either Columbia people or MGM people. You can go years there without meeting a Sony corporate exec, they leave the place alone and just let it do its thing.
Re: (Score:3)
Would I be right to believe the Sony Pictures, being part of the Sony conglomerate, are infected with the same high-handed corporate arrogance that we have seen at Sony Music? "cough" root kit "cough"
You would indeed and I submit their use of Cinavia copy protection on BluRays and DVDs as proof of this. You may be asking "What is Cinavia?" Well, it is a copy protection technology that uses an audio watermark. The watermark appears within the range of human hearing (so you can't just filter away the high frequencies above human hearing to remove it) and doesn't appear to be anything that humans can hear, but all current BluRay players are required by the licensing agreement to support it. How it wor
Re: (Score:3)
I'd like to point out that Cinavia is not free. Companies that use it pay a fee for using it. I don't know what the price is, but I can tell you that Sony puts it on every BluRay they put out, even those foreign films they release that have limited audiences. For all I know, it may actually cost more to use Cinavia on some of those films than Sony can even make back in sales of the discs. Sony even puts it on a few DVDs and no DVD player is required to detect or support Cinavia, and they still sometimes use it there.
It costs a fair bit by the looks of it, and they also seem to take a dip from everyone on the chain
From wiki
Licensing: For Cinavia the owners Verance make their money through licensing agreements with several sections of the entertainment and media industry. As of March 2012 these licence costs due to Verance were $10,000–$300,000 per manufacturer of Blu-ray Disc players—for the rights to embed the Cinavia detection system—plus additional software costs for the implementation itself.[8] Production facilities need to pay $50 for each audio track that is watermarked with Cinavia.[8] Distribution houses must finally pay $0.04 per disc with Cinavia watermarked content included.[8]
Re: (Score:2)
Clearly you don't have young children or have ever seen them handling DVD's and/or Blu-ray disks. It is a lot cheaper to give them a copy of random Disney/Pixar film which can be cheaply replaced than the original which cannot.
Disney Disc Replacement Program (Score:3)
Re: (Score:2)
"First see if Disney offers a discount on a new copy with the exchange of a broken authentic disc."
and Disney is so going to have an amazon sized warehouse just to replace broken discs for no or low prices.
streaming is an alternative but the companies doing this need rights to content to stream it, and this means loads of cash and complex hardware to store exabytes of data and superfast internet...
compared to making a HTPC that plays video containers made from dvds is better. they only need a usb wireless k
Re: (Score:2)
let me get this straight: you are saying he is wrong because:
- Sony abuses a rights-stripping piece of shit on everything they produce
- Sony mandated it into the technology license for the disc format to 3rd party player manufacturers
- the GP postulates that once you format-shift the content away from the licensed Blu-Ray spec, third party players no longer adhere to enforcement of the rights-stripping piece of shit
- you post the Slashdot equivalent of "NUH UHH!" because the company that abuses the rights-s
Re: (Score:2)
Companies are being hypocrites about exactly what we pay when buying music or a movie. In court, they've sided with the argument that we're paying for a license for said media.
So if someone pays 25$ for a movie on Blu-ray, that means that at least a portion has gone for the license. Since I've already paid for the license, and I'm not allowed to make copies for my own private use, why can't I buy a second disc for the media fee alone? Why can't we buy replacement discs if our first one gets destroyed? The l
Re: (Score:1)
Your license to play the movie is on the disk. Sony wants to verify this license. If you break the disk, you have destroyed your license. If you copy the disk without the license on it, you cannot prove you have a license.
Unless you're expecting Sony to keep a record of all those who have purchased a licence, by whatever means through millions of retail channels, you need to be the one who retains the licence. If you destroy the license, or keep it elsewhere, what proof do you have that you are license
Re: (Score:2)
A license is not a physical object. Even if I break the disk, the license was paid for. I should at least be able to return to a store with a broken/scratched disc and pay for a replacement disc minus the license fee that was paid with the first copy.
Re: (Score:2)
Well that seems like a reasonable request, but companies are not obliged to help you fix the situation you've got yourself into. You're in a situation where you are 100% to blame, but somehow you get to demand that the company assist you?
If I bought a Blu-ray and lost the case, so I no longer knew who appears in it, are the company obliged to run a service where I can buy an empty case to replace it? After all, I already have the disk, and my licence, they have no right to force me to buy them again!
Or if I b
Re: (Score:2)
The case of a movie isn't part of the media, it can be viewed as packaging. Packs of cards do not have any license fee.
Media companies and resellers wouldn't have anything special to do this. You bring a broken/defective disc and pay for the media only. There's no customers to keep track of, no special inventory to keep.
Re: (Score:2)
Since I've already paid for the license, and I'm not allowed to make copies for my own private use, why can't I buy a second disc for the media fee alone?
I don't know about Sony, but Disney lets you [disneystudioshelp.com].
Re: (Score:1)
Because the people who were suffering from the use of Sony's nasty DRM were the legitimate customers? The pirates were the ones laughing their heads off in 2007.
Re: (Score:2)
Keep up. We're discussing Bluray and Cinavia.
Re: (Score:1)
It doesn't change the core of the argument that DRM is punishing the paying customers as in the example from Zontar and has done nothing to punish the pirates. There is a high quality copy of every piece of protected music available on the pirate bay and the people who download that copy don't have to mess around with restrictions of any kind.
I would certainly think that a company should be worried when a bootlegger is offering a better product, better service, and a better price than their own company. T
Bad PR (Score:2)
Even though I had no computer vulnerable, and I did not buy one of Sony's malware-laden Music CDs, I remember the event so clearly and strongly I still refuse to consider buying any Sony product whatsoever, including their cameras. Is there some malware hidden within those proprietary, compressed RAW image files?
So I am of two minds. I don't like the use of ransomware. And I don't like Sony. This reminds me of the old joke where the guy sees his mother-in-law drive off a cliff in his new Bentley.
How do WE fight this? (Score:2)
Ransomware sometimes uses TOR to avoid detection and serious encryption that no techie can undo. I am starting to get really worried that ransomware will become as common as IE-hijacking browser toolbars. It is easy money. This will be a huge problem. I even went through the trouble of logging in to ask how we can fight to nullify ransomware.
1 employee inside our company saw some form of ransomware a year ago. I'm sure he lost all the business data. We are not the NSA and therefore can't decrypt it after
Re: (Score:2)
The server then sends files to tape / disk / offsite.
Basical
Re: (Score:2)
Does anyone know of an OSS backup where you can "hide" the target USB drive or partition from the user (so the ransomware won't just up and pave it over along with the My Documents, Desktop, D:, Local network drive targets)
Not OSS, but every major commercial package will allow remotely-triggered backups. Your server (no shares, the user can't get there) kicks off the backup, and pulls the data to it. Secure, and not shared on the network. I'm sure OSS would have something to do that, as that's the standard architecture for all commercial backups. Only the home backups are simple copy backups triggered from the end user.
Re: (Score:1)
Yes! Thank you, I won't shed a single tear, but instead hope that they're shut down for a lot longer than they expect. Fuck Sony in their stupid asses. Yes, Rootkit, prosecution of George Hotz and countless other fuckups remind me that Sony is just getting what they deserve.
Re: (Score:1)
good old fashioned cracker extortion. I would have preferred it happen to EA, Comcast, or Halliburton.
Seriously, what important, secret information does a film studio have, besides salary, and royalty numbers?
Creative accounting. Maybe even fraudulently creative.
Re:would prefer EA, Comcast, or Halliburton myself (Score:5, Insightful)
Embarrassing "creative accounting", heavier than expected use of offshore tax shelters and chip-shuffling, two sets of books, other illegal accounting, illegal campaign contributions, those are a lot more likely than the sort of "secrets" you're thinking of. They probably stand a lot more to lose there than from theft of R&D files.
Nowadays your accounting department needs to be the most heavily defended portion of your network, and not due to direct theft. (unless you're in the business of mining bitcoins anyway)
Re: (Score:2)
While I don't know if it's legal or not to show your shareholders fraudulent books, I do know it's illegal to try to pull on the tax man. Federal charge of "keeping books" refers to keeping two separate sets of accounting, one for tax purposes and the other being an accurate reflection of your earnings. Basically it's ironclad proof of "premeditated tax evasion".
In many ways, the EPA and IRS have more destructive
comcast save up for a big hack that gives people (Score:2)
comcast save up for a big hack that gives people free tv. Starting with HBO, NHL CI, NBA LP, MLB EI, and more.
Re: (Score:1)
The real gross and net numbers would be my guess, having been an associate producer/performer with points in the past.
GOP (Score:2)
He'll probably become a soon to be deported retroactive rapist.
You mean (Score:2)
DMCA takedown action for abuse of GOP Hashtag (Score:2)
Can't they fight this with the DMCA or something for abusing the GOP hashtag? I bet those hackers will have shit running through their pants when they hear this!
Young man, Are you listening to me
I said, young man, what do you want to be
I said, young man, you can make real your dreams,
but you've got to know this one thing.
No man, does it all by himself
I said, young man, put your pride on the shelf
And just learn to play with the D.M.C.A.
I'm sure they can help you today
It's fun to play with the D.M.C.A.
It's fu
Looking at the zip file, looks like (Score:1)
Re: (Score:1)
https://thepiratebay.se/torrent/11561038
Re: (Score:2)
What are the contents of the file, by the way? I'm not interested in grabbing it myself (I'm mildly paranoid about doing so) but I'm interested in a brief description.
Re: (Score:1)
There are dlls, pdf reports, xls reports, docs, videos, cookie files, thumbs.db, browser cache, photos with default camera name and everything you would find on a work computer.
Re: (Score:2)
No wallet.dat file, by any chance? :p
Heart attack stuff (Score:1)
Hopefully the IT department have strong hearts. Employee fitness programs probably should be made part of the disaster readiness planning.
Wow ... (Score:1)
So, Sony isn't just incompetent and unsafe with our data, they're apparently unqualified to run an internal network?
Unbelievable.
I can't think of many instances where a company as big as Sony had to shut down all of their IT stuff on this scale.
Bummer, dudes. But, it's Sony, so I'm not feeling overly bad about it.
Cognitive Dissonance (Score:3)
On the one hand, I despise extortionists, and the perpetrators ought to be hung out to dry. On the other hand, the folks at Sony arguably have engaged in extortion and fraud on a few occasions in the past, so part of me feels this is simply their just desserts. If it wasn't for the inevitable collateral damage I'd be tempted to say "let 'em all kill each other and God will sort them out".
It does seem kind of unfair that nobody at Sony was ever imprisoned for the Rootkit scandal or the OtherOS clusterfuck, whereas people behind #GOP will likely serve time in jail if they are ever caught. I guess "Corporate Immunity" is just as real in law as "Diplomatic Immunity" - 'the law' just won't openly admit it.
Re: (Score:1)
If it wasn't for the inevitable collateral damage I'd be tempted to say "let 'em all kill each other and God will sort them out".
Let's see, some people at Sony lose their jobs, that should happen anyway. Some Sony customers get boned, that will happen anyway. No great loss. Fuck 'em. I hope they burn. The world would be better off without today's Sony.
You don't know what Troll means, kid (Score:2)
When I say something like this, I mean it. Yes, there would be a temporary disturbance (in the force?) if Sony went under tomorrow. But the world would eventually be a better place for it. Same with most corporations, honestly.
Flamebait means what you think I was doing, which also isn't what I was doing. Trolling is making shit up to make people angry. I was expressing heartfelt beliefs. I know many here agree with me. But I guess you're still humping your PS4
Sony Pictures? (Score:4, Funny)
Maybe they should make a movie about this.
oh goody (Score:1)
Re: (Score:2)
I really hope they don't pay!
I hope so too. That way, the hackers will release the files (the contents, not just the filenames), which contain enough juice to sink Sony Pictures (and possibly other parts of Sony too) for good.
Will Sony pony ... (Score:2)
... up for some security?
Actually, I think this is an inside job where admin access was given to an outsider.
What kind of IT department does Sony run? (Score:2)
No offense to the actual IT workers at Sony, as I'm sure their hands are as tied as management allows, but it does make me wonder how this kind of shit gets through IT and not only infects one office, but nationwide, without garnering any attention from the IT pros getting paid to stop things like this?
Re: (Score:2)
No offense to the actual IT workers at Sony, as I'm sure their hands are as tied as management allows, but it does make me wonder how this kind of shit gets through IT and not only infects one office, but nationwide, without garnering any attention from the IT pros getting paid to stop things like this?
Easy. By being targeted, Stuxnet style. They knew what IP blocks Sony Pictures uses, and it's quite easy to find machines on a local LAN and stay within it, and Sony is no doubt like most large corporations and links their offices via VPN, so machines at every location also look like the local LAN, so the worm can spread itself to everything it sees. And it can do so quietly. It doesn't have to make a lot of noise to do it. No excessive CPU usage, no excessive network traffic, no nonfunctioning service
I'm glad I don't work at Sony (Score:1)
Now this... Boy I'm glad I'm not a Sony employee... looks like they've been making lots of enemies with the general public and now it's the time that everything pays back... I want them to be able to recover and keep offering employment