What the Sony Hack Looked Like To Employees

An anonymous reader writes: The cyber attack on Sony was one of the highest profile hacks in the past several years. Slate tracked down two dozen people who worked there at the time, and asked them what it was like on the inside while it was happening. Quoting: "The telephone directory vanished. Voicemail was offline. Computers became bricks. Internet access on the lot was shuttered. The cafeteria went cash-only. Contracts—and the templates those contracts were based on—disappeared. Sony's online database of stock footage was unsearchable. It was near impossible for Sony to communicate directly with its employees—much less ex-employees, who were also gravely affected by the hack—to inform them of what was even happening and what to do about it. 'It was like moving back into an earlier time,' one employee says." Some employees had their workloads doubled, some had nothing to do. While the hack brought the company together at the beginning, it eventually descended into recriminations and lawsuits.

They aren't really still blaming DPRK, are they?

[damn_registrars]

I was never sold on that explanation. The notion that North Korea even could pull it off - let alone would - I find to be absurd. Certainly if they had the ability, someone in that crew would have been aware of the Streisand Effect by now and would have said it was an awful idea. I watched The Interview, which was an awful movie - if the North Koreans wanted it to go away the right thing to do would have been to let it fail on its own. Had Sony not gotten this free PR for it, the movie would have promptly fallen into the same realm as Manos: Hands of Fate and various other un-watchables.

Re:

[OverlordQ]

Could still 'have been' DPRK, they just farmed out the actual work to somebody else.

Re:

[Rob MacDonald]

I only watched that pile of shit because of all the ruckus. NK is simply not equipped to have done this and there's no benefit from doing it. If their goal was to ensure the movie was never released that failed badly, it WAS released specifically because of this "attack" Honestly, and I'll probably take lots of flack for saying it, I think this was an amateur (or group there of) that got lucky and an inept IT department was the icing on the cake. "Computers became bricks." Hold on, that's totally not h

Re:

[Xenx]

Lets be real here. There are perfectly logical reasons why they would refer to their computers as bricks. The most likely being every single activity they do on their computer could require network access. Another possibility, and I live this at work, is PCoIP. If/when the network connection goes down, so does my ability to do literally anything computer related.

Re:They aren't really still blaming DPRK, are they

[myrdos2]

I'd hoped that you'd gotten it through your skull
About what's figurative and what's literal
But just now
You stated
You literally couldn't do anything computer related
That really makes me want to literally

Uh... Go back in time so your parents never dated? ...That seems kind of harsh.

*Looks up PCoIP*. Ah, shit.

Re:

[myrdos2]

It's a Weird Al [youtu.be] reference.

Re:

[Noah Haders]

Maybe without the server access he couldn't even log on, which would count to me as losing your ability to do literally anything computer related.

Re:

[account_deleted]

Comment removed based on user account deletion

Re:

[thoromyr]

it can help to know something about the subject before commenting on it, and such failure is particularly egregious when the topic is very public with many details publicized.

Maybe you don't like the term "bricked", but systems were wiped, leaving them inoperable.

As to the capability of North Korea, people are I think significantly underestimating their ability. In any case, the allegation is that the attack was perpetrated by actors who previously worked for North Korea or had ties to North Korea. It is en

Re:

[Noah Haders]

> Sociopaths don't give a damn about how families will afford things like food and housing or what the impact to local economies are.

Like Janis in accounting? She don't give a fuck.

Re:

[AK Marc]

systems were wiped, leaving them inoperable.

Large scale bricking is not supported by TFA. There's just one throw away comment about it, and nothing else supporting it.

Re:

[Forgefather]

From what I know the attackers used an entry point in South America. Apparently Sony had set up workstations there as part of a charity drive or some such and left the workstations running with unupdated access to the companies VPN. Some lucky hacker found the terminal and got into the network from a trusted machine, which they used to pivot into the unencrypted file system and exfiltrate the data. Among the data was a file with the unencrypted passwords to most of the network that they used to compromis

Re:

[Narcocide]

Let us not forget either, that it was hardly the only high-profile hack on Sony in recent years which showed them to be exhibiting signs of severe negligence with regards to network security basics. In 2011 the PlayStation network was hacked [wikipedia.org], interrupting service for weeks and compromising the personal details of approximately 77 million accounts.

Hint to "network security" noobs working for high-profile businesses; storing the user's own passwords at the client-side, even encrypted, is a stupid, catastroph

Re:

[khasim]

I'd bet that the security people there, initially, were overruled by higher management.

I've seen too many instances where management skips basic security because "it's easier" or because their egos cannot stand having an IT nerd tell THEM what to do. And then there's plain nepotism.

Eventually, the people who know the risks move on to better companies. And then when the breach is discovered, management can blame it on whomever was the last to leave.

Re:

[Fire_Wraith]

First, I don't work at Sony, nor did I in the past.

I do know that they ramped up and hired a bunch of people to build a CIRT after the PSN hack. The rumor that I heard was that those guys wound up in the wonderful situation of a CIRT, working for Corporate (Big Sony) that is responsible for everything, but doesn't have the power to necessarily tell the individual subsidiaries (like Sony Pictures) what to do, let alone do something like threaten to cut off network access unless issues are addressed.

So y

Re:

[Ralph Wiggam]

Let us not forget either, that it was hardly the only high-profile hack on Sony in recent years which showed them to be exhibiting signs of severe negligence with regards to network security basics.

Sony Pictures, Sony Computer Entertainment, and Sony Music are all completely separate companies. Maybe they all have shitty security- but none of the same people are involved.

Of course it wasn't the DPRK

[Anonymous Coward]

What would the DPRK have to do with rootkits on shitty music CDs?

Oh, wait, _that_ hack... I guess I'm getting old.

Re:

[gstoddart]

Certainly if they had the ability, someone in that crew would have been aware of the Streisand Effect by now and would have said it was an awful idea.

Right, because batshit crazy dictators who routinely have people offed [dailymail.co.uk] in spectacular ways who disappoint with them really give a crap when someone says "maybe we shouldn't do this".

I don't know or care who hacked Sony. But if you think telling them something is a bad idea is going to work, then I'm afraid you're so utterly clueless about North Korea that yo

Re:

[Zontar_Thing_From_Ve]

While I think that it probably wasn't the DPRK, your reason isn't good enough as to why it's not. You might be interested in reading the book _The Impossible State_ by Victor Cha, a man who worked for the George W. Bush administration and has been to North Korea. Basically even if North Koreans knew about the Streisand Effect, and I'm not sure they would have known about it, if somebody high up enough orders you to do something, you don't question it - you do it. You risk death or being sent to a labor c

Re:

[onkelonkel]

I've heard of this from my German relatives.- "Ach Ja, if only the Fuehrer knew what was going on, he'd put a stop to it."

Re:

[quantaman]

I was never sold on that explanation. The notion that North Korea even could pull it off - let alone would - I find to be absurd. Certainly if they had the ability, someone in that crew would have been aware of the Streisand Effect by now and would have said it was an awful idea. I watched The Interview, which was an awful movie - if the North Koreans wanted it to go away the right thing to do would have been to let it fail on its own. Had Sony not gotten this free PR for it, the movie would have promptly fallen into the same realm as Manos: Hands of Fate and various other un-watchables.

I thought it wasn't awful, it wasn't great, but it was more or less an average to slightly below average comedy flick.

As for NK's objectives, was their plan to stop The Interview, or to deter future projects? I doubt other studios are anxious to do another film critical of NK and draw a potential hack or something worse.

Re:

[Fire_Wraith]

If we were talking about any country that wasn't the DPRK, I would agree one hundred percent, because it's absurd.

That said, the normal rules don't apply to the DPRK, because by normal standards, the DPRK _is_ absurd. The entire country is built around a cult of personality centered on the Kim family, and propped up by the military elites. While it's dubious to what degree people actually buy in to it, it's very clear that they have to pretend to do so, because the alternative is pretty much risking getti

NK or inside job?

[onkelonkel]

Could the North Koreans have done it? Sure. Could it have been an inside job? Absolutely. My opinion is - inside job. Since there is apparently no evidence one way or another, my opinion (inside job) is no less (and no more) valid than somebody else's opinion that North Korea did it.

Re:

[Anonymous Coward]

given how thoroughly it was executed I think inside job is considerably more probable. The idea that NK both compromised their security (which admittedly was pathetic even by the lowest possible standard) and then so systematically compromise everything so fast just isn't likely. Even good professional hackers that know what they are looking at take considerable time to discover the network layout, what systems are their and then systematically compromising them. That takes a lot of time without inside info

"Like going back to an earlier time"

[PopeRatzo]

Yeah, a time before Sony was an evil fucking corporation. The late 19th century, I think.

Re:

[Behrooz Amoozad]

Like before it was a fetus?

Re:

[PopeRatzo]

Before Sony was an evil fucking corporation it was an awesome fucking corporation. You bought Sony if you wanted an excellent product.

I remember. They used to have miniDisc players that had some of the first AD/DA audio converters at the consumer level. I used to buy them at garage sales and use them to make music using early versions of ProTools.

Also, they had some nice multiband radios and a field recorder called the TCD5M that was superb. When I did sound for films I used mine all the time. A lot of

Security compliance and indemnification ..

[nickweller]

What guarantees did the providers of the software give Sony regarding compliance and indemnification in regards to not getting hacked?

What's it feel like?

[CanEHdian]

To work for the Evil Empire? Have you seen what your employer and their cronies in the MPAA wanted to do to the Internet and companies like Google? Do you feel grossed out by that?