Slashdot is powered by your submissions, so send in your scoop

 



Forgot your password?
typodupeerror
Sony Security

The Sony Pictures Hack Was Even Worse Than Everyone Thought 528

An anonymous reader writes with today's installment of Sony hack news. "It's time to take a moment of silence for Sony Pictures, because more startling revelations about leaked information just came out and employees are starting to panic. BuzzFeed raked through some 40 gigabytes of data and found everything from medical records to unreleased scripts. This is probably the worst corporate hack in history. Meanwhile, Fusion's Kevin Roose is reporting on what exactly happened at Sony Pictures when the hack went down. The hack was evidently so extensive that even the company gym had to shut down. And once the hackers started releasing the data, people started 'freaking out,' one employee said. That saddest part about all of this is that the very worst is probably still to come. Hackers say they stole 100 terabytes of data in total. If only 40 gigabytes contained all of this damning information, just imagine what 100 terabytes contains."
This discussion has been archived. No new comments can be posted.

The Sony Pictures Hack Was Even Worse Than Everyone Thought

Comments Filter:
  • by itsenrique ( 846636 ) on Thursday December 04, 2014 @09:20PM (#48527505)
    I mean it seems likely they got everything. Even the model numbers of the kitchen sinks.
    • Re:... Everything? (Score:5, Insightful)

      by FatLittleMonkey ( 1341387 ) on Thursday December 04, 2014 @09:39PM (#48527635)

      If they got the accounts system, (which seems likely, given that Sony seems to have put every subsystem on the same network, employee medical records on the same network as raw film files) then any electronic receipt for purchase of items for office lunch rooms could include the model numbers for the sinks.

    • by Anonymous Coward on Thursday December 04, 2014 @09:49PM (#48527691)

      I know them too. its "SYSTEMD".

    • Lawsuits and Patents (Score:5, Interesting)

      by Etherwalk ( 681268 ) on Thursday December 04, 2014 @10:39PM (#48527953)

      I mean it seems likely they got everything. Even the model numbers of the kitchen sinks.

      I would expect they also got some fairly damning privileged information--emails exchanged with lawyers on everything from sexual harassment to copyright infringement suits. It's a BIG firm.

      Plus Patents. Sony files THOUSANDS of patents a year. If that patent information (or research that could be patented) is published to the wild before SONY patents it, you have a LOT of new prior art and a fortune in IP at risk... SONY would have to patent everything within a year in the US; I am not sure that you even have that grace period everywhere else.

      (a) NOVELTY; PRIOR ART.—A person shall be entitled to a patent unless— (1) the claimed invention was patented, described in a printed publication, or in public use, on sale, or otherwise available to the public before the effective filing date of the claimed invention ...
      (b) EXCEPTIONS.— (1) DISCLOSURES MADE 1 YEAR OR LESS BEFORE THE EFFECTIVE FILING DATE OF THE CLAIMED INVENTION.—A disclosure made 1 year or less before the effective filing date of a claimed invention shall not be prior art to the claimed invention under subsection (a)(1) if—
                      (A) the disclosure was made by the inventor or joint inventor or by another who obtained the subject matter disclosed directly or indirectly from the inventor or a joint inventor; or
                      (B) the subject matter disclosed had, before such disclosure, been publicly disclosed by the inventor or a joint inventor or another who obtained the subject matter disclosed directly or indirectly from the inventor or a joint inventor.

      • by arth1 ( 260657 ) on Thursday December 04, 2014 @10:48PM (#48528001) Homepage Journal

        Plus Patents. Sony files THOUSANDS of patents a year. If that patent information (or research that could be patented) is published to the wild before SONY patents it, you have a LOT of new prior art and a fortune in IP at risk... SONY would have to patent everything within a year in the US; I am not sure that you even have that grace period everywhere else.

        I think you confuse Sony Pictures with Sony Corporation.

        The former is unlikely to have a lot of patents, except for things like camera gimbals or ways to strip and reattach continuity reports to digital footage.

      • by mysidia ( 191772 ) on Thursday December 04, 2014 @10:53PM (#48528023)

        SONY would have to patent everything within a year in the US; I am not sure that you even have that grace period everywhere else.

        No..... 1 year following lawful disclosure.

        The unlawful disclosure of confidential information by criminals is subject to adjudication by the courts.

        The unlawfully disclosed material may very well be deemed to be a condition that allows Sony to continue to pursue the patents, and publications made from unlawfully disclosed materials may be excluded from valid prior art.

      • by another who obtained the subject matter disclosed directly or indirectly from the inventor or a joint inventor; or

        Illlegal theft of records doesn't count as disclosure.

  • by man_ls ( 248470 ) on Thursday December 04, 2014 @09:20PM (#48527507)

    How long was the attack taking place? What kind of Internet connection does Sony Pictures have? To ex-filtrate 100 TB of data is going to take a while, no matter how you cut it. My guess is that number is significantly inflated.

    • by durrr ( 1316311 ) on Thursday December 04, 2014 @09:25PM (#48527549)

      If you hit a server or many of them you'll get a fair bit better speed than if you hit a private person with american public tire shitternet. And as long as you're no detected it really doesn't matter if it takes 24 hours or 100 days.

    • by CohibaVancouver ( 864662 ) on Thursday December 04, 2014 @10:01PM (#48527757)

      What kind of Internet connection does Sony Pictures have? To ex-filtrate 100 TB of data is going to take a while, no matter how you cut it. My guess is that number is significantly inflated.

      Who says this was done over the internet?

      Send in a North Korean agent posing as a janitor to jack into the network from the inside. Plug in a device, let it download, then come get it the next night.

      • by dbIII ( 701233 )
        How about putting in a perfectly innocent looking CDROM and infecting the machine with a rootkit? There may even be some lying around on the Sony premises
    • by im_thatoneguy ( 819432 ) on Thursday December 04, 2014 @10:09PM (#48527811)

      My internet connection at home is 100mbps = 12MB/s.

      = 43GB/hr
      = 1TB / day
      = 100 TB in 100 days.

      Spread that out across 10 machines and you're looking at a little over a week.

      An uncompressed 4k film in DPX is 10bit * 4096 x 2214 * 3 = 32 MB / frame * 24 fps * 60 seconds/minute * 60minutes/hour = 2.63 TB per *version*. Then there are Subtitled and Closed caption versions. A single film often has 10TB. They might have just stolen 10-20 films. And those servers presumably are on very fast connections capable of remote review over something like cinesync.

      • by TheSync ( 5291 )

        The Digital Cinema Distribution Master (DCDM [digitalpreservation.gov]) contains uncompressed audio and video, but timed text elements like subtitles are stored in XML.

        DCDMs are turned into the Digital Cinema Package (DCP [wikipedia.org]) for distribution to theaters, which is an encrypted file of JPEG 2000 video at a max 250 Mbps.

    • How long was the attack taking place? What kind of Internet connection does Sony Pictures have? To ex-filtrate 100 TB of data is going to take a while, no matter how you cut it. My guess is that number is significantly inflated.

      Given the level of access these people had, they likely just issued a request to the DBAs to send a copy of the backups via UPS to Kim Jung Uns house directly.

    • by Bert64 ( 520050 )

      One of the stories on this mentioned they had access for a year...
      Sony pictures likely has extremely fast internet connections at multiple sites, as they deal with movies its highly likely they will be sending large high resolution video files around.

    • by Zeromous ( 668365 ) on Friday December 05, 2014 @12:49PM (#48531351) Homepage

      Hours and minutes. Its obvious to me, a former backup/dr guru in another life, this data was either walked out of Sony itself in 2-3 plastic bins, or fell off the back of an offsite storage truck.

  • by BitZtream ( 692029 ) on Thursday December 04, 2014 @09:22PM (#48527519)

    100 terabytes of data is easily consumed by the raw uncut footage of a few movies, easily. So it could be a whole bunch of stuff that really hurts them or it could just be a couple movies that were shot by M. Night Shyamalan that suck so hard no one cares.

    • Re: (Score:2, Funny)

      by Anonymous Coward

      Twist, M. Night Shyamalan was phone the whole time...

    • Yeah but... imagine the harm to Sony's reputation if an unreleased M. Night movie got out...

    • Some of the rumoured files were financial data - even stuff like "Diaz - Cameron - Passport.PDF" for goodness sakes.
      More info is on one of the reddit threads but it's apparently VERY nasty.

  • What is Sony doing with medical records?

    • This undoubtedly refers to the insurance carried, what it covers and so forth. Those are medical records. It's not referring to MRI scans and detailed physical information.
      • That's what I thought. I guess "insurance information" doesn't have enough scare factor for a story.

      • I've just been reading some of the articles, and it seems that in fact Sony has unfortunately been storing a lot of communication that contains discussion of medical issues amongst other things.

        This is an example of where a company could have done a better job of assessing the risk of retained data becoming a liability and applied suitable retention policies and other risk mitigation strategies like encryped storage (some articles suggest most files were not meaningfully protected).

        IT folks and legal depart

    • It could be related to FMLA claims. When someone claims FMLA there is certain medical documentation that may need to be shared with an employer (although as it is still covered by the HIPAA laws, great care has to be taken to ensure it is not exposed like it apparently was).

  • Sad? Saddest? (Score:5, Insightful)

    by rubycodez ( 864176 ) on Thursday December 04, 2014 @09:31PM (#48527579)

    So Sony with its rookits and DRM get owned. Good. How does it feel, Sony? How does it feel?

    Hope this causes massive losses for them and horrors for its employees.

    • Re:Sad? Saddest? (Score:5, Insightful)

      by DigitAl56K ( 805623 ) on Thursday December 04, 2014 @09:41PM (#48527643)

      Bearing a grudge against a company for the decisions of it's higher-ups is one thing, wishing horrors upon the majority of employees who are probably everyday folk earning a living - many probably sharing your view on the matter of the rootkit saga - might be going a little too far...

      • Re: Sad? Saddest? (Score:2, Insightful)

        by Anonymous Coward

        No fuck that. Fuck the higher ups and every step of the ladder that supports them. They are all responsible.

        • Re: (Score:3, Insightful)

          by Anonymous Coward

          No. By that logic we are responsible for the governments actions in all things, because we support them. Fuck the NSA, fuck the pentagon, fuck the whitehouse. I don't care. Lay a hand on Snowden, lay a hand on the soldiers, lay a on the housekeepers; then we have a problem. You and I would come to blows if we met IRL, simply because you are a reprehensible prick who can't figure out that people do what they have to for their families, and that you cannot use the crimes of a few to condemn many.
          Say that to t

        • Re: Sad? Saddest? (Score:4, Interesting)

          by pitchpipe ( 708843 ) on Friday December 05, 2014 @12:34AM (#48528425)

          No fuck that. Fuck the higher ups and every step of the ladder that supports them. They are all responsible.

          That's the kind of thinking that causes people to turn into terrorists with all of the associated be-headings of completely innocent people and other moronic actions. It's fucking stupid. Stop it.

          You don't have perfect knowledge and you never will, so quit acting like you do.

    • Re:Sad? Saddest? (Score:4, Insightful)

      by AbRASiON ( 589899 ) * on Friday December 05, 2014 @04:44AM (#48529011) Journal

      Really, a rootkit done once, a decade ago by some idiot in Sony music? Massive losses, more jobs lost, more people out of work, this economy even worse.

      Hopefully they fix their security, behave better as a company and no one loses jobs, Hopefully idiot posts like yours don't come to fruition either.

  • by cryptoengineer2 ( 3469925 ) on Thursday December 04, 2014 @09:33PM (#48527601)
    http://en.m.wikipedia.org/wiki... [wikipedia.org] TL, DNR: 9 years ago, Sony was root kitting the machines of people who bought their CDs, and living about it.
  • PS4 keys? (Score:3, Interesting)

    by BenJeremy ( 181303 ) on Thursday December 04, 2014 @09:34PM (#48527603)

    How long before we see Sony's flagship console jailbroken like the PS3?

    For that matter... we'll probably see the PS3's keys brought up to the current version, as well.

    • Re: (Score:3, Interesting)

      by BenJeremy ( 181303 )

      To clarify.... I know this is Sony Pictures, but if the hack was this invasive into Sony's IT infrastructure, it's very possible they penetrated the entire Sony network.

      All we are seeing at the moment is from Sony Pictures, but we may see a lot more in the next few weeks.

  • by ShaunC ( 203807 ) on Thursday December 04, 2014 @10:13PM (#48527827)

    In case anyone else was looking for the missing link in TFS, Kevin Roose's article at Fusion is here [fusion.net].

  • by JThundley ( 631154 ) on Thursday December 04, 2014 @10:20PM (#48527863) Homepage

    At first they thought the data was fake; all the scripts read like movies everyone has seen already.

  • by Hussman32 ( 751772 ) on Thursday December 04, 2014 @11:01PM (#48528063)

    Was this hack the result of poor security, or will every single company in the world now see what has happened, over-react, and unleash draconian security measures that far exceed the point of diminishing returns?

    No matter what you think of Sony, this will not be good for the productivity of the corporate working world.

    • by west ( 39918 )

      No matter what you think of Sony, this will not be good for the productivity of the corporate working world.

      You are absolutely correct. However, perhaps it's time to acknowledge that much of the productivity increases that the Internet brought to the workplace are only possible because systems could be built that didn't assume that the company was under constant assault - a condition that is very likely no longer true.

      My guess, however, is that real security won't happen until there's significant loss of l

  • by BUL2294 ( 1081735 ) on Thursday December 04, 2014 @11:05PM (#48528091)
    With all the state-sponsored corporate & military espionage caused by China & Russia, with the never-ending probes from government agencies like the NSA/DHS/GCHQ/etc., with malware & ransomware attacks that can encrypt data in (generally) unbreakable forms, with criminal hacking organizations making off with millions of credit card numbers from retailers, with apparently no network controls as to how much data leaves company firewalls & where it goes, and so on, why aren't there more internal air-gapped networks in companies???

    This has hit the point of absurdity. If you are working on military plane designs, working on your next corporate acquisition, or even making movies or music worth tens of millions of $$$, why would you put your prized, unreleased digital files on computers that have Internet access? What kind of batshit stupidity is that? What, so your employees can browse Facebook & check Outlook e-mail at the same time? Such an air-gapped network would easily become an island--one that doesn't need Windows Updates, can stay on an old service pack, gets no software updates that solves 2 problems and but makes a new one (e.g. we know the bugs), and the like. And if those employees really need their Outlook e-mail, IM, or the Inter-Webs where they work, they can have a 2nd very low-end PC, connected to the main network, with a KVM between the two. Might even increase efficiency, given the mind's inability to multitask well. Or give them freaking iPads on a wireless network that's not connected to their "sensitive" work computer.

    It boggles the mind that given all these problems, which are increasing in frequency & cost every day, we still have little more than software firewalls & hardware routers between a company's most highly-sensitive assets (files & computers) and the big-bad-Wild-West-no-holds-barred-Internet.
    • by godrik ( 1287354 ) on Thursday December 04, 2014 @11:48PM (#48528265)

      Well, it is probably linked to the fact most of these companies are international companies with employees all over the world needing some form of interaction with the data.

      If you really want to get an internal network that is disconnected from the internet, it means that you will need an army of monkey copying data using memory sticks to feed the data bank and bringing reports back to the employee that needs it. And that induces super high latency in the system.

      The problem seems difficult to me. Completely isolated networks might have an unreasonnable operational cost. (Though a massive data breach might just be as bad.)

  • by Trax3001BBS ( 2368736 ) on Friday December 05, 2014 @12:36AM (#48528429) Homepage Journal

    "In the letter, Sony defended its decision to wait five days to admit its security had been compromised and called on the government to help make the internet safer."

    They asked for outside help (expected the government to stop it) and apparently took security a bit lax in one area.
    "In the letter, Sony defended its decision to wait five days to admit its security had been compromised and called on the government to help make the internet safer." http://www.buzzfeed.com/tomgar... [buzzfeed.com]

    I did get two free simple games over that one, I expect money this time they need to take their security a bit more serious. I mean even shutting down the gym (who knows why, terminals?

    Once burnt twice shy, not something Sony is familiar with.

  • by golodh ( 893453 ) on Friday December 05, 2014 @03:42AM (#48528875)
    This computer burglary (I refuse to call it a hack) is unfortunate for Sony and its employees.

    My condoleances.

    On the other hand, it's very beneficial for our society that this sort of data now becomes a matter of public record simply because I'm pretty sure that the extent of data that is collected on employees hasn't been documented quite so clearly and unequivocally before.

    Besides which, it's well-documented that law-makers and public opinion generally aren't pro-active on basis of insight, intelligence, or commonsense. No, it always requires one or two actual cases of things going totally wrong to get people's attention. And even then it takes a couple of repeats before the shoot-the-messenger reflex can be bypassed and the underlying issues addressed.

    In addition, the release of business information gives a valuable historical reference on how the corporate world works in a way that transcends books and even court records (which are usually sealed anyway where commercial interests are concerned).

    So, in this respect, society as a whole benefits from this example of computer-burglary. Now if we could only make the data available in its entirety, or at least in coherent chunks ...

  • by hyades1 ( 1149581 ) <hyades1@hotmail.com> on Friday December 05, 2014 @11:07AM (#48530435)

    Remember back a few years ago, when Sony decided the best way to combat piracy was to install a rootkit on the machines of anybody who played one of their CD's?

    I hope I can be forgiven for reminding them of a couple of good old adages. Adages like, "What goes around comes around", "Karma's a bitch", and "Sauce for the goose is sauce for the gander".

    And I hope they'll forgive me for my complete lack of sympathy.

Beware of Programmers who carry screwdrivers. -- Leonard Brandwein

Working...